[cryptography] Hi all, would like your feedback on something

Givon Zirkind givonne at gmx.com
Sun Dec 20 06:44:45 EST 2015


On 12/18/2015 6:35 PM, Ondrej Mikle wrote:
> 1) No matter how strong your password is, it will leak if you reuse it, because
> attackers hack badly secured sites/databases - this is in no way surprising, but
> it's "new" to non-tech-savvy people.
constantly or periodically changing your master password, is the common 
solution to this problem.
> 2) U2F, "Universal 2-Factor", is probably the best solution now - very usable,
> "kind of" wide-spread (see http://www.dongleauth.info/). Yubikey Neo and Yubikey
> 4 are the best sample devices that implement this. You plug in the token in USB
> slot and touch the button (malware cannot physically touch the button - this is
> very important in the design!).
old school, but, imho, the best solution, a hardware lock on a device, a 
USB drive, is the best way to protect access to your files.




More information about the cryptography mailing list