by jeep 06/04/2012, 1:09pm PDT
someone gets your facebook password and you're screwed, how much you want to bet facebook stores user-to-site-specific authorization data a little too close to the authentication data?
I am loath to admit this, but a windows sysadmin not named numsey showed me the right way to handle passwords at the consumer end (he was using it in an admin context which was shitty). Just put keepass on your fucking windows box, give the core file one good password, and use the app to save the longest randomized one each website allows. Macs and Linux desktops have this built in, but with windows you have to get keepass
make sure you back up the kbd file to usb stick every month. and yeah it sucks to log into steam from your iphone if you have a 15 character password
long-term the ideal solution is probably signed browser certs. we used to use them for secure internal sites to be externally accessible from the road, but it's still not that slick to set up that either the admin or the customer would be thrilled at all the manual steps