[148613] in cryptography@c2.net mail archive
Re: [Cryptography] Passwords are dying - get over it
daemon@ATHENA.MIT.EDU (Alec Muffett)
Mon Dec 23 10:27:04 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <r422Ps-1075i-39CCF3BBF5CF4295AF9026BEB8F93900@Williams-MacBook-Pro.local>
From: Alec Muffett <alec.muffett@gmail.com>
Date: Mon, 23 Dec 2013 09:00:59 +0000
To: Bill Frantz <frantz@pwpconsult.com>
Cc: "cryptography@metzdowd.com List" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============1467024198506279999==
Content-Type: multipart/alternative; boundary=047d7bb04bd234f8f604ee2fe00e
--047d7bb04bd234f8f604ee2fe00e
Content-Type: text/plain; charset=ISO-8859-1
On 22 December 2013 16:09, Bill Frantz <frantz@pwpconsult.com> wrote:
> Using passwords securely is inconvenient. You need a different password
> for each site because of the risk of site compromise. It is insecure to use
> variants of a common base because they are too easy to guess once one of
> them is known.
All of the disbenefits of passwords are the same as their benefits, bar
one, as explained here:
http://dropsafe.crypticide.com/muffett-passwords
"Passwords are the worst form of authentication, except for all the other
forms we have tried"
-a
--
http://dropsafe.crypticide.com/aboutalecm
--047d7bb04bd234f8f604ee2fe00e
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote">On 2=
2 December 2013 16:09, Bill Frantz <span dir=3D"ltr"><<a href=3D"mailto:=
frantz@pwpconsult.com" target=3D"_blank">frantz@pwpconsult.com</a>></spa=
n> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;p=
adding-left:1ex">Using passwords securely is inconvenient. You need a diffe=
rent password for each site because of the risk of site compromise. It is i=
nsecure to use variants of a common base because they are too easy to guess=
once one of them is known.</blockquote>
<div><br></div><div>All of the disbenefits of passwords are the same as the=
ir benefits, bar one, as explained here:</div><div><br></div><div>=A0 =A0 <=
a href=3D"http://dropsafe.crypticide.com/muffett-passwords" target=3D"_blan=
k">http://dropsafe.crypticide.com/muffett-passwords</a></div>
<div><br></div><div>"Passwords are the worst form of authentication, e=
xcept for all the other forms we have tried"</div><div><br></div><div>=
=A0 =A0 -a</div><div>=A0<br></div></div>-- <br><a href=3D"http://dropsafe.c=
rypticide.com/aboutalecm" target=3D"_blank">http://dropsafe.crypticide.com/=
aboutalecm</a><br>
</div></div>
--047d7bb04bd234f8f604ee2fe00e--
--===============1467024198506279999==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============1467024198506279999==--
