On Thu, Oct 14, 2004 at 06:26:20AM -0500, Brian Fahrlander wrote: > On Wed, 2004-10-13 at 20:58, Scot L. Harris wrote: > > On Wed, 2004-10-13 at 20:06, Brian Fahrlander wrote: > > > Security wise it is always a bad idea to write down passwords or > > passphrases. The reality is that almost everyone does just that. :) > > Oh, to be sure! But if they're GONNA do it due to human nature, > it's better to have them do it off site... The issue is not writing down the pass phrases but "key management". I predict that there is a potential for the single largest cause of lost data in the next ten years to be lost keys to encrypted data. Good biometric hooks to encryption break if the employee is in jail, dead, skips town, changes jobs,.... looses a 'bio' part. If you are a manager and walk an employee out, expect a hefty fee to recover data not unlocked in the exit interview process ;-) It is not silly to have a locked firesafe with keys written down for many. -- T o m M i t c h e l l May your cup runneth over with goodness and mercy and may your buffers never overflow.