


If you felt a twinge of angst after reading Ars' May feature that showed how password crackers ransack even long passwords such as "qeadzcwrsfxv1331", you weren't alone. The upshot was clear: If long passwords containing numbers, symbols, and upper- and lower-case letters are this easy to break, what are users to do?

Ars has largely answered that question already: use a password manager to randomly generate and store long, complex passcodes that are unique for each site you care about. Our how-to provides a thorough primer that should be required reading for anyone who uses the Internet.

That said, password security is a highly nuanced undertaking with plenty of room for competing strategies and contradictory imperatives. Is it safe, for instance, to store your encrypted password file in the cloud or to allow your browser to remember frequently used log-in credentials? And what's the best way to manage passwords across a variety of computer operating systems and different smartphone platforms?

I recently checked in with five security experts to learn about their approach to choosing and storing crack-resistant passwords. They include renowned cryptographer Bruce Schneier, who is a "security futurologist" at BT and recently joined the Electronic Frontier Foundation's board of directors; Adriel T. Desautels, CEO of Netragard, a firm that gets paid to hack large companies and then tell them how it was done; Jeremiah Grossman, founder and CTO of WhiteHat Security; Jeffrey Goldberg, "defender against the dark arts" at AgileBits, a company that develops the popular 1Password password manager; and Jeremi Gosney, a password security expert at Stricture Consulting.

Four of these experts said they use some type of password manager to ensure they have a long, complex, and unique password for most accounts they care about. Among these four, however, there was plenty of variation. Grossman, for instance, stores passwords in a plain text file that's stored on an encrypted virtual disk image, and then physically kept on an encrypted USB key. "I feel I'm more easily capable of securing something physical than something purely digital," Grossman explained.
