Only if you write that password down in the same way you key it in. In my
case, and I suspect the cases of others here, the compromiser would also
have to be able to read braille.

On Sat, 4 Feb 2017, Kyle wrote:

Date: Sat, 4 Feb 2017 03:55:03
From: Kyle <kyle4jesus@xxxxxxxxx>
Reply-To: Linux for blind general discussion <blinux-list@xxxxxxxxxx>
To: Linux for blind general discussion <blinux-list@xxxxxxxxxx>
Subject: Re: frustrate shouldservers

I still think the most secure password is the one you don't have to store
anywhere other than in your brain. Any stored password, even the one on
paper, can be stolen and compromised. However, I don't think anyone has yet
found a way to steal passwords by reading thoughts. That said, any password
should be able to be retained in memory, but also has to be complex enough
that it can't be guessed or attacked using a dictionary.

A thread came up in another list where translation to grade 2 braille and
then to the computer braille symbols that have the same dot patterns was
proposed. For example, your password could be something like
",? pass~w w 3fuse y4" which translates back to "This password will confuse
you." On that thread, UEB was mentioned as a stumbling block to future
attempts to translate passwords in this way, but if you are able to do this
without computer aided translation, you may of course use oldschool braille
rather than UEB.

Other methods such as adding symbols to the password seem good as well, as
long as any arbitrarily added symbols are not so complex as to make it too
hard to retain in memory. Something like "This.is.my.password" may be easy to
crack, but "This-is-my.new.passworde ..." may be harder, but is still easy
enough for the user who created it to remember.

On the other hand, I find that computer generated or overrandomized passwords
are best used only as one-time passwords that immediately expire, as they are
the easiest to compromise, especially long ones, due to the fact that they
ultimately have to be stored somewhere, and probably even <gasp> copied and
pasted. Those are definitely best sent over e-mail or other insecure
channels, as they force a change, so you immediately know if your one-time
password was compromised before you ever tried to use it. In such cases, it
seems most secure to create a new password that meets the criteria above of
being completely memorable by you, but guessable by no one else.

Only you know how your brain works and how you best remember things, so any
examples given are only examples. The most important thing is to employ the
aid of a computer as little as possible, and never write the password down
anywhere. Just my random thoughts.

Sent from the starship Enterprise
_______________________________________________
Blinux-list mailing list
Blinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/blinux-list