[conspire] storing passwords
Rich Bodo
richbodo at gmail.com
Wed May 3 11:43:04 PDT 2017
Love that password manager, Don! I was just looking for a new one and this
thread popped up.
Somewhat related, I have been working with windows users who are, as of
late, much more concerned with the security of their documents. If had to
go back and try a whole bunch of password DBs and encryption programs on
windows to find things that were simple enough to work for them.
Here is what I came up with. If you have to teach windows users to use
encryption, you could do worse than starting with these:
http://richbodo.pbworks.com/w/page/117218100/Simple%20Encryption%20Programs
On Thu, Apr 6, 2017 at 3:17 PM, Don Marti <dmarti at zgp.org> wrote:
> begin Rick Moen quotation of Thu, Mar 30, 2017 at 11:44:02AM -0700:
> > Quoting Paul Zander (paulz at ieee.org):
> >
> > > I totally understand the need to have different passwords for
> different accounts. I also seem to have a limit on the number of brain
> cells for this.
> >
> > This is a wise and astute comment. The biggest problem with passwords
> > is that we need to create, reliably remember, and occasionally change
> > quite a lot of them, that any compromosing of password complexity
> > or duplication makes them a lot weaker, and that the human brain simply
> > can't do all that.
>
> Things that people are really bad at: remembering
> strings of high-entropy text.
>
> Thing that most web site security depends on: making
> users remember strings of high-entropy text.
>
> I use "pass" which I can sync among devices without
> trusting the server too much:
>
> https://www.passwordstore.org/
>
> You do have to have GPG working first (and it helps
> to know git), but once you have that it's pretty
> straightforward.
>
> protip: if you want to keep people who do web
> development from trusting their data to your web
> site, disallow passowrds containg quotation marks,
> percent signs, or semicolons.
>
> --
> Don Marti <dmarti at zgp.org>
> http://zgp.org/~dmarti/
> Are you safe from 3rd-party web tracking? http://www.aloodo.org/test/
>
> _______________________________________________
> conspire mailing list
> conspire at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/conspire
>
--
https://www.linkedin.com/in/complete <http://www.linkedin.com/in/complete>
C: 650-283-6037
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linuxmafia.com/pipermail/conspire/attachments/20170503/fe4e0e1a/attachment.html>
More information about the conspire
mailing list