tag:blogger.com,1999:blog-8054883.post4349141488893690722..comments2023-10-17T02:03:30.974+13:00Comments on ObservatioNZ: Crap security adviceRichhttp://www.blogger.com/profile/17092996828683002246noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-8054883.post-79182398726875538832007-10-20T21:32:00.000+13:002007-10-20T21:32:00.000+13:00Depends:- passwords on paper are more secure if so...Depends:<BR/>- passwords on paper are more secure if someone circumvents the mechanisms to stop them getting the encrypted password and then runs a brute force attack<BR/><BR/>- short remembered passwords are more secure if someone starts systematically thieving walletsRichhttps://www.blogger.com/profile/17092996828683002246noreply@blogger.comtag:blogger.com,1999:blog-8054883.post-18509262758623102292007-10-19T04:53:00.000+13:002007-10-19T04:53:00.000+13:00I'm not so sure I buy that; writing down long pass...I'm not so sure I buy that; writing down long passwords can be safer than memorizing short ones, particularly if they're re-used. There are sites out there like PassPack that store passwords for free, and there are lots of password management programs to help with the task.<BR/><BR/>Bruce Schneier's take on this:<BR/>http://www.schneier.com/blog/archives/2005/06/write_down_your.html<BR/><BR/>I'm a big believer in two-factor authentication (my company makes PhoneFactor - www.phonefactor.net), but if you're not going to do two-factor, you should at least use long, difficult passwords.Steve Dispensahttps://www.blogger.com/profile/15775494312273647288noreply@blogger.com