Security Basics mailing list archives
Re: Password variation scheme a plus in security?
From: "Stefan Schmidt" <Stefan.Schmidt () gmx net>
Date: Tue, 01 Jul 2008 11:00:27 +0200
If you don't want to use the same password for all sites, save the passwords in an encrypted vault (e.g. KeePass [1]) and look them up whenever needed.
I am using one of these password managers currently, but I find it rather inconvinient. A web-based open source solution would be nice, but I haven't found one.
DO NOT USE PASSWORDS DERIVED THROUGH DETERMINISTIC ALGORITHMS. EVER. Kerckhoff's Principle explains why that is a bad thing.
Yes, security by obscurity is certainly a bad thing and if wanted a 100% secure solution I' certainly use a separate secure password for every single site, but I was looking for an alternative to grant me a 90% secure solution without the hassle. So my question was not "Is this secure ?" but rather "How likely is it for hackers to test for password schemes". Stefan
Current thread:
- Re: Password variation scheme a plus in security? Alexander Klimov (Jul 02)
- <Possible follow-ups>
- Re: Password variation scheme a plus in security? Gleb Paharenko (Jul 02)
- Re: Password variation scheme a plus in security? Stefan Schmidt (Jul 02)
- Re: Password variation scheme a plus in security? Stefan Schmidt (Jul 02)