Passwords are not a formality

I recently came across an encrypted password NOT where it should be.  The individuals involved probably didn’t realize what they had done, and it might be fixable by relocating and properly protecting the file containing this password (as long as the password has not been guessed, or the individuals involved change the password).  However, the mindset will still remain.

Anyone that puts an important file with an encrypted password on more than a dozen computers, with permissions of the file being world-readable, doesn’t really understand the ramifications involved.

Since then, I have

read on
Posted at 12pm on 12/07/09 | Comments Off | Filed Under: linux, philosophy, security, tech

Password Tools for Remembering

I’ve been a reader of Slashdot.org for quite a while.  At least for 9 or 10 years if I recall correctly.  Every now and then a reader asks the Slashdot community a question regarding best practices and practical methods for remembering an arbitrary large number of passwords the average person needs to keep track of.  The question is usually worded differently, but the need is usually the same — the passwords need to be kept safe, but portable, uncoupling them from specific software or platform as much as possible, and

read on
Posted at 12am on 11/12/09 | 1 Comment » | Filed Under: life, linux, open source, philosophy, security