[conspire] Fwd: Conspire Hey!

Ehud Kaldor ehud.kaldor at gmail.com
Thu Nov 15 13:49:36 PST 2012

I use Keepass, which is the same - an OSS password database and generator.
Heard good things about Lastpass, but never used it.
 On Nov 15, 2012 1:39 PM, "Rick Moen" <rick at linuxmafia.com> wrote:

> Quoting Adrien Lamothe (alamozzz at yahoo.com):
> > check this out [spamvertised URL]
> Adrien's Yahoo login credentials were apparently stolen by spamvertising
> cretins pushing a work-from-home scam.  I've telephoned him to advise of
> his problem and made sure no further pollution from his subscribed
> account is possible pending his cleanup.
> I'm also purged that post from the archives.  (It takes ~20 mins
> to rebuild archives for a mailing list with 12 years of traffic.)
> Popular 'free' webmail services (Yahoo, GMail, Hotmail, etc.) seem
> hotbeds of this sort of credential theft, and Yahoo accounts seem
> particularly affected.  A propos of that, I notice:
> http://www.wired.com/threatlevel/2012/07/yahoo-breach/
>   Report: Half a Million Yahoo User Accounts Exposed in Breach
>   By Kim Zetter
>   07.12.12, 12:19 PM
> Article ends with this valuable reminder:
>   The attacks highlight the danger of re-using passwords at different
>   websites, as hackers can mine the data and attempt to use the same
>   credentials with more sensitive accounts that users may have, such as
>   online banking and e-mail accounts.
> Personally, I keep my (globally unique and strong) username/password
> data in a PDA, airgapped from the computers and other places I use them,
> using this open-source 3DES-encrypted datastore utility for PalmOS:
> http://gnukeyring.sourceforge.net/
> Other people elect, instead, to use an online computer-workstation-based
> encrypted datastore -- which is a defensible choice but faces attack
> modes that my airgapped one evades.  Regardless, in either case, the
> win is that you are enabled to cease reusing passwords or relying on
> weak passwords, as the datastore helps you overcome human memory
> limitations that naturally lead people to do dumb things with passwords.
> _______________________________________________
> conspire mailing list
> conspire at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/conspire
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linuxmafia.com/pipermail/conspire/attachments/20121115/410d428d/attachment.html>

More information about the conspire mailing list