| 1 |
Nikos Chantziaras wrote: |
| 2 |
> On 04/02/2019 07:47, Dale wrote: |
| 3 |
>> How do you, especially those who admin systems that are always being |
| 4 |
>> hacked at, generate strong passwords that meet the above? I've googled |
| 5 |
>> and found some ideas but if I use the same method, well, how many others |
| 6 |
>> are using that same method, if you know what I mean. ;-) Just looking |
| 7 |
>> for ideas. |
| 8 |
> |
| 9 |
> I don't use a password manager. For website logins, I just use the |
| 10 |
> password manager in the browser (Firefox), which does not use a master |
| 11 |
> password :-P I just assume my own system is not going to be compromised. |
| 12 |
> |
| 13 |
> For the websites I use, I generate a unique password per site using |
| 14 |
> this command: |
| 15 |
> |
| 16 |
> $ pwmake 128 |
| 17 |
> |
| 18 |
> This generates a password using 128 bits of entropy from /dev/urandom. |
| 19 |
> You need dev-libs/libpwquality being installed (it's a dep of |
| 20 |
> something important, I think, so should be installed on most systems |
| 21 |
> already.) |
| 22 |
> |
| 23 |
> For remote systems I administer through SSH, I don't use passwords. I |
| 24 |
> use a public/private key pair to log in (4096 bits.) My private key is |
| 25 |
> protected with a strong password though, but it's easy to remember |
| 26 |
> since it doesn't need to change. Something like: |
| 27 |
> |
| 28 |
> ilp&mac4d@4*r |
| 29 |
> |
| 30 |
> Which is short for: |
| 31 |
> |
| 32 |
> I like pizza and macaroni for dinner at four star restaurants. |
| 33 |
> |
| 34 |
> |
| 35 |
> |
| 36 |
|
| 37 |
|
| 38 |
One reason I use LastPass, it is mobile. I can go to someone else's |
| 39 |
computer, use LastPass to say make use of Paypal, Newegg, Ebay etc, |
| 40 |
logoff and it is like I was never there. Also, if my computer were to |
| 41 |
die a sudden death, power supply goes bonkers and burns everything in it |
| 42 |
up including hard drives, my passwords are still safe but available. |
| 43 |
When I get a new rig built, I can install LastPass, put in my email and |
| 44 |
password then go on like nothing ever happened. I can also use a |
| 45 |
neighbors computer to order the parts for a new rig as well. I just use |
| 46 |
LastPass on their computer. I could do that even if my backups were out |
| 47 |
of date as well. |
| 48 |
|
| 49 |
I also like that it generates passwords that are dang near impossible to |
| 50 |
crack. It also doesn't have to be anything I can remember either. This |
| 51 |
is a few examples of what it generates. |
| 52 |
|
| 53 |
*k0Dx^RiNPHOocIg |
| 54 |
|
| 55 |
5wfy&YQA&vNa4^HHgwZ3 |
| 56 |
|
| 57 |
NnWM9DwCrVYyVryS3Aa9 |
| 58 |
|
| 59 |
Now I admit, I sometimes see one that pops up that I don't like the |
| 60 |
looks of and I click for a new one. Just like the last one in the |
| 61 |
list. It has two of the same letter at the beginning. One upper and |
| 62 |
one lower but still the same. I'd skip that one. Still, good luck |
| 63 |
guessing it easily. Cracking it is always possible but it makes it |
| 64 |
difficult. Also, I sometimes have to leave off the other characters |
| 65 |
since some websites don't allow those. My bank for example doesn't |
| 66 |
allow a couple of them. I think "*" and "$" is a no go. It does reject |
| 67 |
it when you try to enter it tho. |
| 68 |
|
| 69 |
If I were to ever get me a smart phone, LastPass works on those too. I |
| 70 |
still like my Razr tho. It makes phone calls and allows me to text. It |
| 71 |
does what I need. It also takes the place of a watch as well. ;-) |
| 72 |
|
| 73 |
I get why some may just use Firefox or other browsers password tool but |
| 74 |
thing is, if you don't have a backup of it and something happens, you |
| 75 |
could be working a while to get those passwords going again. If I |
| 76 |
recall correctly, I have to go to the bank, present ID and such to do a |
| 77 |
complete reset of my bank password. I know it was that way several |
| 78 |
years ago because I had to do it once. |
| 79 |
|
| 80 |
Those keys do work for things that support it. I don't think any site I |
| 81 |
use has that ability tho. If it does, I don't know about it. Maybe one |
| 82 |
day tho. |
| 83 |
|
| 84 |
Dale |
| 85 |
|
| 86 |
:-) :-) |
Archives