<div dir="ltr">My computers get a "memorable" password generated by Apple's Keychain Access Password Assistant:<div><br></div><div><img src="cid:ii_15be96525fdc119b" alt="Inline image 1" width="340" height="276"><br></div><div>And then I have ssh keys which have a long passphrase, or are stored in my Yubikey.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, May 7, 2017 at 3:25 PM, Allan Cecil <span dir="ltr"><<a href="mailto:allan@nblug.org" target="_blank">allan@nblug.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">In advance of Kyle's talk on Tuesday I was curious what practices other NBLUG folks follow with physical access passwords, i.e. passwords that you have to type frequently to gain access to a local PC or other personal device. Since it's a password that you'll be typing often you generally want a password that is easy to type but that is often at odds with good security practices. I'm seriously doubting my own methods after attending the Thotcon security conference this past week. Obviously, don't give up anything secret or sensitive here, but how do you handle passwords that by their nature can't be in a password manager and have to by typed frequently?<br>
<br>
This is probably a discussion for after Kyle's talk but it's been on my mind and I didn't want to wait. Thanks for your thoughts!<br>
<br>
A.C.<br>
******<br>
President, North Bay Linux Users' Group<br>
<br>
On 04/18/2017 03:05 PM, Allan Cecil wrote:<br>
> Topic: Sex, Secret and God: A Brief History of Bad Passwords<br>
> When: Tuesday May 9th, 7:30 PM to 9:00 PM<br>
> Speaker: Kyle Rankin<br>
><br>
> Location: O'Reilly Media, Sebastopol CA in the Tarsier conference room<br>
> past the metal statue and to the right ( <a href="http://nblug.org/locations" rel="noreferrer" target="_blank">http://nblug.org/locations</a> )<br>
><br>
> Description:<br>
> Most of what we've been told over the years about what makes a good<br>
> password has been wrong, so it's no surprise most people pick bad<br>
> passwords. This talk will cover the history of password policy and password<br>
> cracking starting from the days when Richard Stallman hacked the passwords<br>
> forced on his MIT computer lab because he considered passwords an<br>
> authoritarian method of control. Next I'll discuss the golden days of<br>
> password guessing featured prominently in movies like Hackers and WarGames.<br>
><br>
> Then I'll move to the tech boom and the introduction of draconian IT<br>
> policies like password rotation and password complexity and the dirty<br>
> little leet-speak password secrets they led to. As we get closer to the<br>
> modern day I'll discuss the "correct horse battery staple" password<br>
> renaissance and more modern approaches to password cracking spawned by<br>
> tools like oclhashcat and giant password databases dumps like the RockYou<br>
> hack.<br>
><br>
> I'll finish up with modern attempts to fix the password auth problem such<br>
> as new approaches to secure password generation in password managers or<br>
> schemes such as diceware as well as cover password auth reinforcements like<br>
> the different forms of 2FA (including U2F) and Facebook's new approach to<br>
> "I forgot my password" workflows. By the end everyone should have plenty of<br>
> ammunition to take back to their IT department and get rid of those<br>
> horrible password policies.<br>
> ______________________________<wbr>_________________<br>
> announce mailing list<br>
> <a href="mailto:announce@nblug.org">announce@nblug.org</a><br>
> <a href="http://nblug.org/cgi-bin/mailman/listinfo/announce" rel="noreferrer" target="_blank">http://nblug.org/cgi-bin/<wbr>mailman/listinfo/announce</a><br>
><br>
______________________________<wbr>_________________<br>
talk mailing list<br>
<a href="mailto:talk@nblug.org">talk@nblug.org</a><br>
<a href="http://nblug.org/cgi-bin/mailman/listinfo/talk" rel="noreferrer" target="_blank">http://nblug.org/cgi-bin/<wbr>mailman/listinfo/talk</a><br>
</blockquote></div><br></div>