Monday, June 26. 2006
It's 10pm, do you know where your password is?
Freenode (the IRC network) was hijacked this weekend.
I'm a freenode user, and it's likely my freenode password has been stolen. When using a password on a network like Freenode, one has to assume that your password is goign to be stolen. It travels across the Internet unencrypted, who knows how many people are able to sniff network traffic for it. I can only imagine how many people use the same password in many places though. I'd rather not think about it
There is a tool called pwsafe which I use to track passwords I don't care about. There are countless web sites and mailing lists one needs a password for. Pwsafe will generate and save (in an encrypted file) passwords for me which are keyed off of domain names. It's a lot like the gnome keyring, but works in a rather clever way. When I run pwsafe, it puts my username in the clipboard, when I paste it, it prints in the console which application took the paste, then puts the password into the clipboard. After the password is pasted, it restores the clipboard to its previous contents. A tool like pwsafe makes it rather easy to have a different, strong password for each site.
To Quote Nalin:
I'm a freenode user, and it's likely my freenode password has been stolen. When using a password on a network like Freenode, one has to assume that your password is goign to be stolen. It travels across the Internet unencrypted, who knows how many people are able to sniff network traffic for it. I can only imagine how many people use the same password in many places though. I'd rather not think about it
There is a tool called pwsafe which I use to track passwords I don't care about. There are countless web sites and mailing lists one needs a password for. Pwsafe will generate and save (in an encrypted file) passwords for me which are keyed off of domain names. It's a lot like the gnome keyring, but works in a rather clever way. When I run pwsafe, it puts my username in the clipboard, when I paste it, it prints in the console which application took the paste, then puts the password into the clipboard. After the password is pasted, it restores the clipboard to its previous contents. A tool like pwsafe makes it rather easy to have a different, strong password for each site.
To Quote Nalin:
Passwords Suck. More Passwords Suck More
Calendar
Quicksearch
Categories
Syndicate This Blog
Blog Administration
Powered by
