frustrate shouldservers

Jude DaShiell jdashiel at panix.com
Sat Feb 4 11:04:39 UTC 2017


Only if you write that password down in the same way you key it in. In my 
case, and I suspect the cases of others here, the compromiser would also 
have to be able to read braille.

On Sat, 4 Feb 2017, Kyle wrote:

> Date: Sat, 4 Feb 2017 03:55:03
> From: Kyle <kyle4jesus at gmail.com>
> Reply-To: Linux for blind general discussion <blinux-list at redhat.com>
> To: Linux for blind general discussion <blinux-list at redhat.com>
> Subject: Re: frustrate shouldservers
> 
> I still think the most secure password is the one you don't have to store 
> anywhere other than in your brain. Any stored password, even the one on 
> paper, can be stolen and compromised. However, I don't think anyone has yet 
> found a way to steal passwords by reading thoughts. That said, any password 
> should be able to be retained in memory, but also has to be complex enough 
> that it can't be guessed or attacked using a dictionary. A thread came up in 
> another list where translation to grade 2 braille and then to the computer 
> braille symbols that have the same dot patterns was proposed. For example, 
> your password could be something like ",? pass~w w 3fuse y4" which translates 
> back to "This password will confuse you." On that thread, UEB was mentioned 
> as a stumbling block to future attempts to translate passwords in this way, 
> but if you are able to do this without computer-aided translation, you may of 
> course use old-school braille rather than UEB. Other methods such as adding 
> symbols to the password seem good as well, as long as any arbitrarily added 
> symbols are not so complex as to make it too hard to retain in memory. 
> Something like "This.is.my.password" may be easy to crack, but 
> "This-is-my.new.passworde ..." may be harder, but is still easy enough for 
> the user who created it to remember. On the other hand, I find that computer 
> generated or overrandomized passwords are best used only as one-time 
> passwords that immediately expire, as they are the easiest to compromise, 
> especially long ones, due to the fact that they ultimately have to be stored 
> somewhere, and probably even <gasp> copied and pasted. Those are definitely 
> best sent over e-mail or other insecure channels, as they force a change, so 
> you immediately know if your one-time password was compromised before you 
> ever tried to use it. In such cases, it seems most secure to create a new 
> password that meets the criteria above of being completely memorable by you, 
> but guessable by no one else. Only you know how your brain works and how you 
> best remember things, so any examples given are only examples. The most 
> important thing is to employ the aid of a computer as little as possible, and 
> never write the password down anywhere. Just my random thoughts.
> Sent from the starship Enterprise
