[lug] password generating techniques
John Vonachen
john.vonachen at gmail.com
Wed Mar 21 09:01:18 MDT 2012
// random.org uses atmospheric noise to generate random numbers
// in PHP:
// get a new secret code from random.org
$curl = curl_init();
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_URL, '
http://www.random.org/strings/?num=1&len=10&digits=on&upperalpha=on&loweralpha=on&format=plain&rnd=new'
);
$newSecretCode = curl_exec($curl);
curl_close($curl);
On Wed, Mar 21, 2012 at 8:48 AM, Davide Del Vento <
davide.del.vento at gmail.com> wrote:
> > /dev/random?
>
> Are you serious or are you kidding? (sorry, this sounds like
> http://en.wikipedia.org/wiki/Poe%27s_law )
>
> If you are kidding, fine :-D
>
> If you are serious, you missed the point. The discussion here is how
> can I *remember* tens if not hundreds of these passwords, not how can
> I generate them. Since I cannot remember them all, I see the following
> options:
>
> 1) use weaker passwords, easier to remember
> 2) use a single strong password, shared among all the services I use
> 3) use a (mental) algorithm to generate site-specific passwords from a
> single strong one
> 4) use a password manager like Kevin suggested
> 5) use something like OPLOP
> 6) write the strong passwords on a piece of paper
>
> Of course 1) and 2) are bad, you don't need me to tell you why. 3)
> could be ok, but being "mental" it must be easy and thus it can be
> easy to crack and it is only security by obscurity. I replied to Kevin
> with my objections to 4) so I won't repeat myself. It looks like 5) is
> the best choice, but I had the questions with which I started this
> thread. Option 6) adds the physical security problem to the computer
> security problem, and add the inconvenience of transporting this piece
> of paper with me at all the time in a secure manner.
>
> Cheers,
> Davide
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
--
rDch0FkiKFXdpHLLyDHVsTXVGdBAIHIUbjJG9mlYYCfMWBC0CSilnxRbxASWwc
My final thoughts on Taoism and the philosophy of Wittgenstein:*
Beliefs are made of words but the world is not.*
<http://amikosoftware.com/songs/>
<http://amikosoftware.com/><http://amikosoftware.com/simplegen/rotturb/><http://www.amikosoftware.com/animate/><http://amikosoftware.com/simplegen/rotturb/><http://amikosoftware.com/simplegen/rotturb/><http://amikosoftware.com/simplegen/giggleSquare/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20120321/5cfe0485/attachment.html>
More information about the LUG
mailing list