Using a crappy password for an important service because it needs to be easy to remember is a very, very bad idea. A much better idea is to choose a difficult-to-crack password, and keep it in your wallet.
While it takes some setting up, as long as you're keeping things in your wallet you might look into setting up OPIE (S/KEY) for your server. It uses a short pass phrase, that changes every time you log in. Practically impossible to crack, and renders keyboard sniffing useless. Many sshd users, because of the constant crack attempts (my logs are filled, too), opt to choose a different port for their servers to sit on. This pretty much eliminates the attacks. Personally, I use key-based authentication, with a failover to OTP. I keep a list of the passphrases in my wallet. -- blacklist hosts after 3 wrong password https://bugs.launchpad.net/bugs/77943 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
