[cryptography] Constitutional Showdown Voided as Feds Decrypt Laptop

Jeffrey I. Schiller jis at qyv.net
Thu Mar 1 20:18:32 EST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/01/2012 06:09 PM, Nico Williams wrote:
> I let mailman generate passwords.  And I never use them, much less
> re-use them.  Well, I do use them when I need to change e-mail
> addresses, which happens very rarely, and then I start by asking
> mailman to send my my passwords because I don't remember them -- I've
> done this like once in the past decade.

Perhaps mailman should be changed to require you to use its generated
passwords, or better yet, to only generate a password when you ask it
to send you your password, and then invalidate it after a few days. So
it isn't really a password but a "thunk" of limited value.

In this fashion we can be more assured that people aren't re-using
passwords with mailman.

Because... you and I may know better... the manager at the bank where
are money is stored (or the doctors office where are medical records
are located) may not know better...   ;-)

                        -Jeff

- --
_______________________________________________________________________
Jeffrey I. Schiller
MIT Technologist, Consultant, and Cavy Breeder
Cambridge, MA 02139-4307
617.910.0259 - Voice
jis at qyv.net
http://jis.qyv.name
_______________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFPUB+98CBzV/QUlSsRAme0AKD68AevJfdboYC8zd/OeShRtwSS8QCgnRTr
oL3z9rBPfkYy3vPLrSdsQ6M=
=TPD+
-----END PGP SIGNATURE-----




More information about the cryptography mailing list