On 17/12/2024 17:44, Michael Kjörling wrote:
On 17 Dec 2024 06:45 +0100, from to...@tuxteam.de:
Then follow Bruce Schneier's advice and*write them down*.
Do you have a reference?
I ask because I'm in the middle of a discussion (and that was my advice,
too). Seeing what Schneier has to say on that would be very interesting.
Not Schneier, but consider also the UK National Cyber Security
Centre's position on password managers:
https://www.ncsc.gov.uk/blog-post/what-does-ncsc-think-password-managers
Under the heading "Should I use a password manager?" the opening is:
"Yes. Password managers are a good thing. They give you huge
advantages in a world where there's far too many passwords for anyone
to remember."
I couldn't cope without PasswordSafe (thanks Mr. Schneier) and the
nonsense about about not changing them ignores the obvious. My bank
performs security checks by requesting a sub-set of my password. It
doesn't take a genius to work out that after several visits the complete
password can be deduced.
Peter HB
