| Steve Litt via plug on 30 Apr 2022 16:17:59 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Correct Horse Battery Staple |
K.S. Bhaskar via plug said on Sat, 30 Apr 2022 17:59:15 -0400 >Horse battery staple is a terrible idea. If you have to remember five >random sequences of four words each, you can, but if you have to >remember 20 (most people have logins for at least e-mail, social >media, banking, etc.) it's questionable whether you can. Horse battery >staple may be a good idea for a master password for a password >manager, but that's it; certainly not for a bunch of accounts. Instead >of random sequences of words, most people will end up using meaningful >phrases like “Mikey's high school PTO” which have far less entropy. The preceding is exactly what I was going to say. There are three kinds of password users: 1) Dingbats who user their wife's birthday. 2) People who use a keychain and hope nothing technical ends up losing every password. 3) People using their own personal combination of good passwording principles and security by obscurity. I wrote about this at http://www.troubleshooters.com/lpm/201408/201408.htm#lessons_of_heartbleed . From there, search for the phrase "security by obscurity". That's all I'm going to say about that! SteveT Steve Litt March 2022 featured book: Making Mental Models: Advanced Edition http://www.troubleshooters.com/mmm ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug