A (not) new security idea
Nifty Hat Mitch
mitch48 at sbcglobal.net
Thu Oct 14 17:25:53 UTC 2004
On Thu, Oct 14, 2004 at 06:26:20AM -0500, Brian Fahrlander wrote:
> On Wed, 2004-10-13 at 20:58, Scot L. Harris wrote:
> > On Wed, 2004-10-13 at 20:06, Brian Fahrlander wrote:
>
> > Security wise it is always a bad idea to write down passwords or
> > passphrases. The reality is that almost everyone does just that. :)
>
> Oh, to be sure! But if they're GONNA do it due to human nature,
> it's better to have them do it off site...
The issue is not writing down the pass phrases but "key management".
I predict that there is a potential for the single largest cause of
lost data in the next ten years to be lost keys to encrypted data.
Good biometric hooks to encryption break if the employee is in jail,
dead, skips town, changes jobs,.... looses a 'bio' part.
If you are a manager and walk an employee out, expect a hefty
fee to recover data not unlocked in the exit interview process ;-)
It is not silly to have a locked firesafe with keys written down for
many.
--
T o m M i t c h e l l
May your cup runneth over with goodness and mercy
and may your buffers never overflow.
More information about the fedora-list
mailing list