North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Re: external access and passwd mgmt (was Re: SSH on Cisco ...)
A lengthy discussion of why wouldn't be on topic here in NANOG, but it's a basic principle of computer security that if your password is so long that you must write it down to remember it, it is by definition too long. It is better to have a less-"secure" password that is not written down anywhere. If you must write a password down somewhere, it should be in a safe-deposit box that nobody has access to, so that it can only be recovered after your death. If you must write a password down electronically, it should encrypted, which makes it no better than the password of the encrypted database, so passwords should just plain flat never be so long that you have to write them down. The Gnu Keyring exists so that: 1) We can keep track of more passwords as securely as possible. 2) We can keep track of too-long passwords assigned to us by well-meaning folks. 3) We can keep track of long non-password numbers without having to haul around dangerous things like credit cards. :-) If you worked for me, I'd ask you to destroy that piece of paper and not do it again. On Mon, 1 May 2000, Bennett Todd wrote: > > I recommend instead picking an _exceptionally_ strong, > computer-generated random password for the keyring itself, and > writing it down on a slip of paper in your wallet until you've used > it enough times to memorize it.