<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div><span>I'm joining this discussion late. Not sure I understand the full import of this thread but I will say this ...</span></div><div style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal; "><span><br></span></div><div style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal; "><span>On NPR yesterday there was some talk about password management. I dealt with this problem a few years ago by permuting a couple pieces of info. I have many passwords and I remember none of them. I figure them out based on a pattern (permutation). Is this good or bad? The info used in the permutation is a private piece of info and a piece of info derived
from the account I want to access. The private info and permutation is known only to me. I have tons of strong passwords.</span></div><div style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal; "><span><br></span></div><div style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal; "><span>I hope I've not derailed this thread with my comment. Carry on good people.</span></div><div><br></div> <div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "> <div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "> <div dir="ltr"> <font size="2" face="Arial"> <hr size="1"> <b><span style="font-weight:bold;">From:</span></b> jacob <jborer@gmail.com><br> <b><span style="font-weight: bold;">To:</span></b>
CLUE's mailing list <clue@cluedenver.org> <br> <b><span style="font-weight: bold;">Sent:</span></b> Wednesday, September 19, 2012 10:15 AM<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: [clue] Passwords (was Re: Website and git.)<br> </font> </div> <br>
<meta http-equiv="x-dns-prefetch-control" content="off"><div id="yiv737795514">As an aside. Anyone using a service like gmail or yahoo mail should turn on two factor authentication. <div><br></div><div>Google also offers Application Specific Passwords that can be easily revoked for use cases where the password is persisted to disk. (Like an email sync client) Gmail also provides a details link on the bottom of gmail which will show you where activity is coming from. I do not know what other services offer these features.</div>
<div><br></div><div>Passwords get compromised and stolen easily. If someone can access your email they have the keys to the castle usually.<div><br></div><div><div>-jacob<br><br>p.s. I work for Google so my opinions may be biased. Also my opinions do not necessarily represent Google.</div>
<div><br><div class="yiv737795514gmail_quote">On Tue, Sep 18, 2012 at 10:33 PM, David L. Anselmi <span dir="ltr"><<a rel="nofollow" ymailto="mailto:anselmi@anselmi.us" target="_blank" href="mailto:anselmi@anselmi.us">anselmi@anselmi.us</a>></span> wrote:<br><blockquote class="yiv737795514gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="yiv737795514im">Gary Romero wrote:<br>
> You mean you guys aren't using KeePass?<br>
<br>
</div>Yes, because that's the only way to stay sane. But passwords still suck. And they've been obsolete<br>
for years (close to 10 that they haven't provided needed security and at least 5 that other things<br>
have been available).<br>
<br>
Dave<br>
<div class="yiv737795514HOEnZb"><div class="yiv737795514h5">_______________________________________________<br>
clue mailing list: <a rel="nofollow" ymailto="mailto:clue@cluedenver.org" target="_blank" href="mailto:clue@cluedenver.org">clue@cluedenver.org</a><br>
For information, account preferences, or to unsubscribe see:<br>
http://cluedenver.org/mailman/listinfo/clue<br>
</div></div></blockquote></div><br></div></div></div>
</div><meta http-equiv="x-dns-prefetch-control" content="on"><br>_______________________________________________<br>clue mailing list: <a ymailto="mailto:clue@cluedenver.org" href="mailto:clue@cluedenver.org">clue@cluedenver.org</a><br>For information, account preferences, or to unsubscribe see:<br><a href="http://cluedenver.org/mailman/listinfo/clue" target="_blank">http://cluedenver.org/mailman/listinfo/clue</a><br><br> </div> </div> </div></body></html>