LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   General (http://www.linuxquestions.org/questions/general-10/)
-   -   Are Passwords Obsolete: The Diane Rehm Show (http://www.linuxquestions.org/questions/general-10/are-passwords-obsolete-the-diane-rehm-show-4175442513/)

frankbell 12-21-2012 08:56 PM

Are Passwords Obsolete: The Diane Rehm Show
 
Catching up with my podcasts and listened to an episode of PBS's Diane Rehm show from earlier this month regarding passwords and online security. Thought some of you all might find it interesting.

Kevin Mitnick was one of the guests.

You can listen to the show or read the transcript at the link:

http://thedianerehmshow.org/shows/20...nline-security

kooru 12-22-2012 01:10 AM

Thanks, i'm reading now!

sundialsvcs 12-26-2012 07:47 AM

Passwords certainly should not be used for most security applications, except to decrypt user-keys.

The analogy is simple... when you go to work today, is someone standing at the door asking you to "say the magic word?" No. You swipe your badge, which was issued to you and only to you, and which you cannot replace if you lose it at the local bar. (If you do lose it, the security department immediately invalidates it, so that the other drunken fool can't get in.) :)

Meanwhile, no one else is inconvenienced. (They're just as hung-over as you are, but they didn't lose their badges.)

The key is encrypted so that no one else can "trivially" use it after stealing your laptop at the airport coffee-shop (because you were too hung-over to lock it to the table). But the key is unique, and it is unforgeable. That's where the security comes from. If your employer fires your besotted :eek:, say for public drunkenness, no one else is inconvenienced.


All times are GMT -5. The time now is 10:41 PM.