Apparently ours wasn't the only target then:
http://www.kake.com/home/headlines/3540076.html
These guys have been on a major campaign.
-krb
--- Bowie Bailey Bowie_Bailey@BUC.com wrote:
William L. Maltby wrote:
On Wed, 2006-08-09 at 17:26 -0400, Bowie Bailey wrote:
William L. Maltby wrote:
The solution to that is a secure password manager.
http://passwordsafe.sourceforge.net/
You just have to remember the one password and the program will track all of the rest for you. This way you can use gibberish passwords for important sites such as online banking and you don't have to remember them or write them down anywhere. The password database is encrypted using Twofish and SHA-256.
I don't care for that concept. One password cracked gives access to all. I would rather take the admitted risk of writing them down (in *my* scenario, rather secure at home) and referring to that when needed.
True, but if you make that one a good one and use it only for that purpose, the risks are minimal.
The ones I use frequently will be remembered. I don't use them on the road at all, so that's reasonable. I prefer to not have passwords stored on computers any more than necessary.
I don't think it's a problem to have the passwords stored on the computer. Just make sure they're securely encrypted.
No I'll admit I fudge a *small* amount. Those who have access in my home know Windows only, not Linux and I have no shares with them. They are TDU (Typical Dumb Users) and don't know how to use SSH, FTP, ... or even how to find my comps on the LAN (now SMB node or Domain Controllers here).
The only real downside is that if you don't have access to the password manager, you don't have access to anything else either.
Well, I do consider the one password exposes all a downside. But I also grant that it is more secure than many alternatives.
You know what they say: "You can put all your eggs in one basket, but WATCH THAT BASKET!"
As long as you are extremely careful with the access password, you shouldn't have a problem. I will take this risk for the advantage of being able to easily use highly secure passwords. For example, my online banking password is a sequence of random characters. I don't have to remember it or type it. If I didn't have a tool like this, I would have to either write it down somewhere or use a less-secure password that I could remember.
Oh...and don't forget to back up the password database! :)
I'm finalizing my LVM-based snapshots with aging of deleted files right now, so I will be covered.
That works, but a simple backup copy to a floppy disk or external hard drive works as well.
Thanks for the URL. I will go take a look. My mind is not yet rusted closed even if (... *when*) I think I'm right! :-)
The creator of this tool is a rather paranoid security expert. I figure if he is willing to use it, it's worth a look.
http://schneier.com/ (note that the Password Safe information on that page refers to an older version that used Blowfish rather than Twofish)
-- Bowie