On Thu, Dec 19, 2013 at 5:16 PM, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote: > If you get hacked, changing the password after the event is too late. > And if they installed a backdoor, changing your password will be > completely pointless. > > If you haven't been hacked, you're just making life harder for yourself, > trying to remember all these passwords. Or making things less secure, > because you have to write them down. Correct. There was a paper published a while back (I wish I could find a reference, but my google-fu is failing me right now) that showed enforcing strong passwords and frequent changes reduced overall security, among other reasons because users tended to write them down rather than remember them. Also, in this situation, changing passwords at all on the system is madness. The only sane option is a complete reinstall (yes, using different passwords). You don't know what the intruder has left on your system. A fresh OS install and a scan of your data for hidden nastiness is needed. Tet -- "Java is a DSL for taking large XML files and converting them to stack traces" -- Bulat Shakirzyanov -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
