On 5/6/20 8:26 PM, Kent Borg wrote:
Which is near where we started. By having passwords so cumbersome that
they require convenience-driven password management you are betting
that your password manager software is, for some magical reason,
bug-free.
Choose and deploy password in such a way that you can survive many bugs.
What if my password encryption has a really bad flaw? No big deal if I
also go to significant effort to prevent anyone from getting a copy of
it. By having a limited feature password database it is possible to put
a layer of security around it. But if it is sitting between you and the
internet, doing stuff automatically, then it is *on* the internet. And
you should be scared.
Most people should keep their password list, somewhat obfuscated, hand
written, on paper, and then guard that paper carefully, as though it
were very important.
And they should keep an "offsite" backup hand copied on paper. (No
photos, photocopiers, they are just computers these days.)
-kb
_______________________________________________
Discuss mailing list
Discuss@lists.blu.org
http://lists.blu.org/mailman/listinfo/discuss
