[148641] in cryptography@c2.net mail archive


Re: [Cryptography] Passwords are dying - get over it

daemon@ATHENA.MIT.EDU (Guido Witmond)
Mon Dec 23 18:14:58 2013

X-Original-To: cryptography@metzdowd.com
Date: Mon, 23 Dec 2013 22:26:21 +0100
From: Guido Witmond <guido@witmond.nl>
To: cryptography@metzdowd.com
In-Reply-To: <CAFWeb9Jzu6BntCO4dnXwBGTwZReTxNvv5FKn4j6TJng9QwqN4Q@mail.gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On 12/23/13 10:00, Alec Muffett wrote:
> On 22 December 2013 16:09, Bill Frantz <frantz@pwpconsult.com
> <mailto:frantz@pwpconsult.com>> wrote:
>
>     Using passwords securely is inconvenient. You need a different
>     password for each site because of the risk of site compromise. It is
>     insecure to use variants of a common base because they are too easy
>     to guess once one of them is known.
>
>
> All of the disbenefits of passwords are the same as their benefits, bar
> one, as explained here:
>
>     http://dropsafe.crypticide.com/muffett-passwords

If you get people to deploy software on their devices, please let them use
anonymous client certificates. All the benefits of passwords, none of
the downsides.

Make sure you have a different private key for each site.

It even can help to solve the MitM problem that passwords cannot.

Regards, Guido.

PS. I call it eccentric-authentication.org.

