Public
- Public
- Network
- Groups
- Popular
- People

Conversation

Notices

Verius (verius@community.highlandarrow.com)'s status on Sunday, 22-Oct-2017 04:55:33 EDT Verius

@maiyannah Why Are We Still Using Passwords?

Because Long Random Passwords Stored In A Competent Password Store[1] Are Actually Quite Secure Given A Modicum Of Opsec.

[1] I.e. something like Keepass, not a webbased store-on-someone-elses-server thingy.

In conversation Sunday, 22-Oct-2017 04:55:33 EDT from community.highlandarrow.com permalink
1. Bob Mottram (bob@social.freedombone.net)'s status on Sunday, 22-Oct-2017 05:03:16 EDT Bob Mottram
  in reply to
  
  @verius @maiyannah Why Are We Still Using Passwords?
  
  Because biometrics are no good and key management is tricky even if you are paying attention. Passwords in an offline password manager as random strings are about the best we have.
  
  Perhaps key management via a physical security token will supercede passwords, but at present there isn't any consensus or defacto standard for how to do that, whereas it's still easy to add text entry and run a hash algorithm.
  
  In conversation Sunday, 22-Oct-2017 05:03:16 EDT from social.freedombone.net permalink
  1. Verius (verius@community.highlandarrow.com)'s status on Sunday, 22-Oct-2017 05:09:47 EDT Verius
    in reply to
    
    @bob @maiyannah Yeah, it's mostly the defacto bit. For 2FA there are some standards which are pretty broadly implemented (e.g. TOTP) but for the main credentials password is still king. Password plus TOTP tends to be sufficient for most cases though.
    
    In conversation Sunday, 22-Oct-2017 05:09:47 EDT from community.highlandarrow.com permalink

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.