Tim wrote:
> The last two being a key problem. By now, I've amassed about a dozen
> passwords that I just cannot remember. Even if I wanted to make
> memorable passwords, too many systems are so limited that you can't
> easily do it (e.g. passwords are too short, etc.). Then there's the
> problem of remembering which password belongs to what account. Writing
> them down, or writing down the reminder trick, becomes the only way to
> do so.

IMHO, the best way to create passwords (especially when you have a team
of sysadmins) is choosing a random fact about one of them (or the boss
or a common friend) and creating a sentence with it. For example, if Mark
loves a soccer team that never wins, a good password may be derived from
the sentence "Mark is crazy to like X soccer team". Then the password
could be Mic2LkX$t. Since the variety of symbols is quite low, we can
replace i by 1 or lowercase L, maybe add an exclamation mark before and
after (in a reference to the usage of question marks in the beginning
and end of sentences in Spanish, for example) and you can get something
like !Mlc2LkX$t!. It may not be a perfect password, but it is good enough
to memorize (just remember the sentence and the transformations done to
it) and you're good to go. We used this method on all passwords at my
last job, with a different set of passwords for each class of machines we
had (Sun, Linux servers, Linux clients, Windows clients, etc.) and even
today, 3 years after I quit that job, I still remember almost all the
passwords (which is quite a feat, since I have quite a lot of trouble
remembering names, dates, formulas... pretty much anything useful).

Another method I use is quite insane but secure (I've created two
passwords that I have used for the last four years and have never been
broken). Find any app that generates a random sequence of characters
(keygens or other stuff like that can do the trick... maybe even a
tail -f /dev/random may be useful). If the generated sequence doesn't have
enough variety of symbols, add some more. Then try to find a way to
memorize that, using things like the phonetic alphabet, or by finding
substrings in the password which can be meaningful when examined alone.
Sometimes even reading the password out loud in other languages may help
(in my case, only after reading one of my passwords in English did I find
a good way to memorize it).
--
Pedro Macedo
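
The random-sequence method from the message above, as an added example that is not part of the original post: it draws characters from the operating system's CSPRNG and redraws the whole candidate until every character class is present, instead of adding symbols afterwards. The symbol set, the default length and all function names are assumptions of this example.

```python
import math
import secrets
import string

# Character classes (an assumption of this example; adjust to what the
# target system accepts).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": "!$%&*+-=?@#",
}
ALPHABET = "".join(CLASSES.values())


def has_all_classes(password):
    """True when the password has at least one character from every class."""
    return all(any(ch in chars for ch in password) for chars in CLASSES.values())


def generate(length=10):
    """Draw uniformly from ALPHABET with the OS CSPRNG and redraw whole
    candidates until every class is present. Redrawing keeps all accepted
    passwords equally likely, unlike patching characters in afterwards."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if has_all_classes(candidate):
            return candidate


def entropy_bits(length):
    """Upper bound on entropy in bits: log2 of the number of equally likely
    strings. The class requirement rejects some candidates, so the true
    value is slightly lower."""
    return length * math.log2(len(ALPHABET))


if __name__ == "__main__":
    # Output differs on every run; the bit count depends only on the
    # length and the alphabet size.
    print(generate(10), f"(at most {entropy_bits(10):.1f} bits)")
```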