User: Password:
|
|
Subscribe / Log in / New account

A Periodic Table of password managers

A Periodic Table of password managers

Posted Nov 12, 2011 3:34 UTC (Sat) by djao (guest, #4263)
In reply to: A Periodic Table of password managers by drag
Parent article: A Periodic Table of password managers

I don't think you properly understood the original proposal.

You have about 30 different passwords to keep track of. That's about average. You seem to be in favor of writing them down, whether on a pad of paper or in a password manager. That's quite understandable.

The problem is that, if someone malicious gets that piece of paper or breaks into your password manager, then they have EVERYTHING. The proposed countermeasure is to apply a single, simple, fixed, easy to remember, and easily reversible transformation to each password in your list. In other words, what you write down in your list is not your "real" password. Instead your real password is some simple (always the same) variation upon what is written down.

You would not write down the details of what this transformation is. You have to remember it in your head. But you only have to remember this one single simple rule. The argument is that remembering this one thing is not much harder than remembering the passphrase to your password manager, or the location of your paper pad. The benefit is that if an adversary succeeds in obtaining your list of passwords, they don't automatically get everything.

Nobody is suggesting that you memorize 30 different passwords or 30 different rules.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds