[ubuntu-za] Security - passwords

[Wesley Werner]

Hi Leon,

I can only suggest an alternative to password managers: I don't use one, or the same password twice, ever. 

If you create your own formula to apply to each device/site then you don't need a manager app. 

The trick is to understand that, as far as brute force cracking goes, entropy is irrelevant when compared to having a large "search-space". this means having just one of each character type, and padding to fill the size, increasing the space. There is no need for pseudo-random junk-bits that only make passwords less memorable. 

For more on this method read: https://www.grc.com/haystack.htm

On 2 December 2014 17:41:55 SAST, Leon Gert Marincowitz <lmarincowitz at gmail.com> wrote:
>Hi all
>
>Sometime this year I moved all my passwords to keypassx. Which is great
>when I'm on my Ubuntu laptop. Not so great when on my android-having to
>Bluetooth the encrypted file to myself.
>
>But late last week I had a security crises where I couldn't get into a
>crucial account as I had forgot to send myself the updated file.
>
>Now I'm thinking that a physical file is perhaps not the best way to
>manage
>passwords across multiple devices.
>
>So, here's a quick poll on what does everyone consider to be the best
>security as in password management.
>
>Does anyone use password manages such as last pass or the like,
>keypassx,
>or something new I've found recently called hash passwords.
>
>Anyone has experience in this regard or would like to share their
>thoughts?
>
>Regards
>
>Leon G. Marincowitz
>
>Apologies for brevity, sent from smartphone
>
>
>------------------------------------------------------------------------
>
>-- 
>ubuntu-za mailing list
>ubuntu-za at lists.ubuntu.com
>https://lists.ubuntu.com/mailman/listinfo/ubuntu-za

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-za/attachments/20141202/23822232/attachment.html>