DaemonForums  

#1
11th July 2013
J65nko (Administrator)

How elite security ninjas choose and safeguard their passwords

From http://arstechnica.com/security/2013...eir-passwords/

Quote:
I recently checked in with five security experts to learn about their approach to choosing and storing crack-resistant passwords. They include renowned cryptographer Bruce Schneier, who is a "security futurologist" at BT and recently joined the Electronic Frontier Foundation's board of directors; Adriel T. Desautels, CEO of Netragard, a firm that gets paid to hack large companies and then tell them how it was done; Jeremiah Grossman, founder and CTO of WhiteHat Security; Jeffrey Goldberg, "defender against the dark arts" at AgileBits, a company that develops the popular 1Password password manager; and Jeremi Gosney, a password security expert at Stricture Consulting.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

#2
11th July 2013
thirdm (Package Pilot)

Grossman's approach of encrypting a removable file system full of secrets and to some extent all the approaches reminded me of this line from a Doug McIlroy paper I read the other day:

Quote:
Even if crypt were perfectly safe, it would be unwise to encrypt files of lasting value. It is too easy to lose the key either inadvertently or deliberately. Consequently crypt has been demoted to the games chapter (Grampp, v9).
http://doc.cat-v.org/unix/unix-reader/reader.pdf

I wonder what approach he would suggest. Or perhaps you could argue that passwords aren't of lasting value since there's usually some process for resetting one should you lose it.

#3
13th July 2013
Ninguem (Shell Scout)

What if I was to use a different keyboard when logging into my account?
  • I have an external international keyboard for X.
  • I set it as the standard when making passwords.

Now, with this or any other keyboard, would it be possible that exact characters would have to be put in?
__________________
No signature