[thelist] changing password design

Liam Delahunty ldelahunty at britstream.com
Fri Sep 12 08:46:26 CDT 2003


Simon Willison Sent: 12 September 2003 11:26

>Bruce Schneier's advive on this page makes a lot of sense:

>"You can't memorize good enough passwords any more, so don't bother.
>Create long random passwords, and write them down. Store them in your
>wallet, or in a program like Password Safe. Guard them as you would your
>cash. Don't let Web browsers store passwords for you. Don't transmit
>passwords (or PINs) in unencrypted e-mail and Web forms. Assume that all
>PINs can be easily broken, and plan accordingly."

Seeing as you've quoted Bruce Schneier who mentioned Password Safe, then
windows users may be interested in:

http://sourceforge.net/projects/passwordsafe/

"Password Safe is a password database utility. Users can keep their
passwords securely encrypted on their computers. A single Safe Combination
unlocks them all."

An alternative is to create a single document that you encrypt with your own
public key; again a single password (for your private key) gives access to
everything else.

Kind regards, Liam Delahunty, Mega Products Limited
http://www.onlinesales.co.uk/ Open Source PHP/MySQL E-commerce
http://www.liamdelahunty.com/ web/ design/ database/ programming
http://www.britstream.com/ Hosting/ Domain Names From UKP 7.50 p.a.



More information about the thelist mailing list