North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Re: external access and passwd mgmt (was Re: SSH on Cisco ...)

  • From: Deepak Jain
  • Date: Mon May 01 17:54:29 2000

I find tatooing very long passwords on the underneath the tongue of
interns (in cipher text) especially effective. Excluding drunken
debauchery, it takes the consent of two people to unlock the password.

(I'm kidding, its not cipher text!)

Deepak Jain

On Mon, 1 May 2000, Shawn McMahon wrote:

> A lengthy discussion of why wouldn't be on topic here in NANOG, but it's a
> basic principle of computer security that if your password is so long that
> you must write it down to remember it, it is by definition too long.
> It is better to have a less-"secure" password that is not written down
> anywhere.
> If you must write a password down somewhere, it should be in a safe-deposit
> box that nobody has access to, so that it can only be recovered after your
> death.
> If you must write a password down electronically, it should encrypted,
> which makes it no better than the password of the encrypted database, so
> passwords should just plain flat never be so long that you have to write
> them down.
> The Gnu Keyring exists so that:
> 1) We can keep track of more passwords as securely as possible.
> 2) We can keep track of too-long passwords assigned to us by well-meaning
> folks.
> 3) We can keep track of long non-password numbers without having to haul
> around dangerous things like credit cards.  :-)
> If you worked for me, I'd ask you to destroy that piece of paper and not do
> it again.
> On Mon, 1 May 2000, Bennett Todd wrote:
> > 
> > I recommend instead picking an _exceptionally_ strong,
> > computer-generated random password for the keyring itself, and
> > writing it down on a slip of paper in your wallet until you've used
> > it enough times to memorize it.