Re: Re: Re: Re: Secure Perlmonks

in reply to Re: Re: Re: Secure Perlmonks
in thread Secure Perlmonks

With this level of worry over passwords,
you should not use the same password for more than one system. ;-)

If you must, then use just a few. Use one for 'open' type systems,
another for 'secure' systems and another for 'very important' systems.

This might help out with the real world issues.

Comment on Re: Re: Re: Re: Secure Perlmonks

Replies are listed 'Best First'.
Re: Re: Re: Re: Re: Secure Perlmonks by sauoq (Abbot) on Jul 14, 2003 at 19:35 UTC
Use one for 'open' type systems, I use a different one for each system where my password is transmitted in plaintext unless I consider the account to be a throw-away account. another for 'secure' systems and another for 'very important' systems. I use several different ones depending on the level of security and my trust of the system. I never reuse passwords for web sites (even secure ones) on shell accounts, for instance. In fact, I generally don't reuse web site passwords at all because I have no idea how they are stored on the other end. I don't mix root passwords with user account passwords. I never share passwords between work accounts and personal accounts. I draw yet another line between machines I own and machines I don't. All in all, I've got an obscene number of passwords. The most important 30 or so I have memorized. Still, I keep a list, encrypted with a 2048 bit key, on my PDA. I try to choose good, very hard to crack, passwords for everything important and so I rarely change them (except at work where regularly changing some passwords is a requirement.) -sauoq "My two cents aren't worth a dime.";	[reply]

Replies are listed 'Best First'.

Re: Re: Re: Re: Re: Secure Perlmonks
by sauoq (Abbot) on Jul 14, 2003 at 19:35 UTC

Use one for 'open' type systems,

I use a different one for each system where my password is transmitted in plaintext unless I consider the account to be a throw-away account.

another for 'secure' systems and another for 'very important' systems.

I use several different ones depending on the level of security and my trust of the system. I never reuse passwords for web sites (even secure ones) on shell accounts, for instance. In fact, I generally don't reuse web site passwords at all because I have no idea how they are stored on the other end. I don't mix root passwords with user account passwords. I never share passwords between work accounts and personal accounts. I draw yet another line between machines I own and machines I don't.

All in all, I've got an obscene number of passwords. The most important 30 or so I have memorized. Still, I keep a list, encrypted with a 2048 bit key, on my PDA. I try to choose good, very hard to crack, passwords for everything important and so I rarely change them (except at work where regularly changing some passwords is a requirement.)

-sauoq
"My two cents aren't worth a dime.";

[reply]

In Section Perl Monks Discussion