[cryptography] Constitutional Showdown Voided as Feds Decrypt Laptop

Jeffrey I. Schiller jis at qyv.net
Thu Mar 1 20:18:32 EST 2012

Hash: SHA1

On 03/01/2012 06:09 PM, Nico Williams wrote:
> I let mailman generate passwords.  And I never use them, much less
> re-use them.  Well, I do use them when I need to change e-mail
> addresses, which happens very rarely, and then I start by asking
> mailman to send my my passwords because I don't remember them -- I've
> done this like once in the past decade.

Perhaps mailman should be changed to require you to use its generated
passwords, or better yet, to only generate a password when you ask it
to send you your password, and then invalidate it after a few days. So
it isn't really a password but a "thunk" of limited value.

In this fashion we can be more assured that people aren't re-using
passwords with mailman.

Because... you and I may know better... the manager at the bank where
are money is stored (or the doctors office where are medical records
are located) may not know better...   ;-)


- --
Jeffrey I. Schiller
MIT Technologist, Consultant, and Cavy Breeder
Cambridge, MA 02139-4307
617.910.0259 - Voice
jis at qyv.net
Version: GnuPG v1.4.9 (GNU/Linux)


More information about the cryptography mailing list