hacked - looking for doc/suggestions on hardening/securing systems from the start

Tim ignored_mailbox at yahoo.com.au
Fri Dec 20 17:06:14 UTC 2013


Allegedly, on or about 20 December 2013, Greg Woods sent:
> The eventual point of this is that there is really no such thing as a
> hard-to-guess and easy-to-remember password. It's one thing to have a
> password like "purplepolkadotsonmydog", but another to remember
> whether that password was for Amazon, Newegg, Kaiser, <list of 100
> other web sites>.
> 
> I can and do use a very small number of hard-to-guess,
> easy-to-remember passwords for places where using the password safe is
> not practical (e.g. the initial login to my personal machines, the
> password for the safe, the password for Dropbox). But for anyone who
> does a lot of stuff online, and therefore interacts with a large
> number of sites that use a password for authentication, you need a
> password safe. 

It gets worse if you use multiple computers.  It's a nightmare trying to
do something that's accessible on all, and secure.  Whether that be
letting applications remember passwords, and I'm severely pissed with
browsers that can't remember passwords because some *utterly*
*unimportant* site thinks they should block your browser from doing so
(though I don't object to a bank site doing that), or having a special
password safe application.  I can remember but a few passwords off the
top of my head.

Smartarse passwords can bite you on the bum.  I had to phone up a
service and tell them a password for access.  Previously, their system
had given me a lot of grief, so I had set a password that stated what I
thought of them.  ;-)

-- 
[tim at localhost ~]$ uname -rsvp
Linux 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64

All mail to my mailbox is automatically deleted, there is no point
trying to privately email me, I will only read messages posted to the
public lists.

George Orwell's '1984' was supposed to be a warning against tyranny, not
a set of instructions for supposedly democratic governments.





More information about the users mailing list