Security Basics mailing list archives
Re: Choosing unique passwords - how paranoid is too paranoid?
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 26 Jun 2008 14:09:23 +0200
On 2008-06-25 Orlin Gueorguiev wrote:
On Wednesday 25 June 2008 05:27:37 Johann MacDonagh wrote:This has worked out better. I've started using mnemonics to remember each system's unique part. Muscle memory!I have 3 passwords. One for no security(like the password for the quest account), one for forums or minimal security, one for secured stuff(everything with money). Now... I think I got a little inspired from your post and I might actually start generating passwords for each different domain, based on a password mixed in some way with the domain name. For example password is password, domain is eBay (make a mnemonic buysellbuy), mixes password: buypasssellwordbuy /*will have to think about something better*/ (and then 1337 it), final B@iPazZC3llw0R7bA1. because I have a general password combined with something easy to remember, and leeting it, I believe it would be hard for someone to find it, especially because different people have different expirience and will probably have different mnemonic.
google://kerckhoff+principle Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- Choosing unique passwords - how paranoid is too paranoid? Johann MacDonagh (Jun 25)
- Re: Choosing unique passwords - how paranoid is too paranoid? Eric Furman (Jun 25)
- RE: Choosing unique passwords - how paranoid is too paranoid? Rivest, Philippe (Jun 25)
- Re: Choosing unique passwords - how paranoid is too paranoid? Orlin Gueorguiev (Jun 25)
- Re: Choosing unique passwords - how paranoid is too paranoid? Ansgar -59cobalt- Wiechers (Jun 26)
- Re: Choosing unique passwords - how paranoid is too paranoid? Kurt Buff (Jun 26)
- RE: Choosing unique passwords - how paranoid is too paranoid? Chris LoVerme (Jun 27)