Conversation:

Notices

1. kuro (kuro)'s status on Wednesday, 26-Feb-2014 07:02:21 EST kuro

   Remote profile options...
   Bruce Schneier: Choosing a Secure Password http://qttr.at/c67 !security
   • Joshua Judson Rosen likes this.
   • Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca and Joshua Judson Rosen repeated this.
   • drak (drak)'s status on Wednesday, 26-Feb-2014 08:03:01 EST drak

     Remote profile options...

     • kuro
     “write your passwords down on a piece of paper and secure that piece of paper.” http://qttr.at/c67 ← listen to !security experts. Use paper.
     Joshua Judson Rosen likes this.
   • Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Wednesday, 26-Feb-2014 12:51:40 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca

     Remote profile options...

     • kuro
     Things I teach people: 1) Use a password manager. 2) If you don't use a password manager, choose a long, memorable phrase. The longer, the better. 2a) Make it easily typeable. I know people who have strong, long passwords, but can't remember how to type them. As Schneier points out, PW cracking tools try variations on 1337$p34|< anyway, so funny symbols don't add much protection. 2…
     Joshua Judson Rosen likes this.
   • Joshua Judson Rosen (rozzin)'s status on Thursday, 27-Feb-2014 00:51:19 EST Joshua Judson Rosen

     • kuro
     But... "gonefishing1125" is not using the #xkcd #password scheme.... By Randall's metric, it's got only ~22–33 bits of #entropy....
   • Joshua Judson Rosen (rozzin)'s status on Thursday, 27-Feb-2014 21:15:58 EST Joshua Judson Rosen

     • kuro
     And... actually, "gonefishing" isn't even two independent words. So isn't "gonefishing1125" more like ~11–24 bits of #entropy? !security