Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Thu May 27 1999 - 23:44:23
Ben Laurie (ben@algroup.co.uk)
Thu, 29 Apr 1999 21:10:28 +0100
Bill Frantz wrote:
>
> At 11:18 AM -0700 4/28/99, bram wrote:
> >On Wed, 28 Apr 1999, Salz, Rich wrote:
> >
> >> >The alternative is to write them all
> >> >down in one place
> >>
> >> Or pick a random "base" and then add obvious per-site info, as in
> >> xyzzy.microsoft
> >> xyzzy.nytimes
> >> xyzzy.clublove
> >> etc...
> >
> >That's a pretty good idea - it reduces significantly the risk of someone
> >extending a breach of one password to another, since an automated tool
> >which just reuses all the passwords elsewhere won't work. It still does
> >allow for breaches of passwords in one place to extend elsewhere though.
>
> I divide the world of passwords into two flavors, those where I have an
> interest in the security provided, and those where someone else thinks I
> should have a password. The first case includes employer/consulting client
> machines, my machines, bank accounts etc. The other includes most web
> pages like the Java developer, and the New York Times pages.
>
> For the first class, I try to use good passwords, generated by a
> proprietary algorithm, which is different for each user. For the second
> class, I use the same easy to remember password everywhere.
That's precisely what I do (except I sometimes have to double up the
easy password, coz they think it is too easy).
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html"My grandfather once told me that there are two kinds of people: those who work and those who take the credit. He told me to try to be in the first group; there was less competition there." - Indira Gandhi
The following archive was created by hippie-mail 7.98617-22 on Thu May 27 1999 - 23:44:23