LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
Search this Thread
Old 12-21-2012, 08:56 PM   #1
frankbell
Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, Mint
Posts: 7,340

Rep: Reputation: 1382Reputation: 1382Reputation: 1382Reputation: 1382Reputation: 1382Reputation: 1382Reputation: 1382Reputation: 1382Reputation: 1382Reputation: 1382
Are Passwords Obsolete: The Diane Rehm Show


Catching up with my podcasts and listened to an episode of PBS's Diane Rehm show from earlier this month regarding passwords and online security. Thought some of you all might find it interesting.

Kevin Mitnick was one of the guests.

You can listen to the show or read the transcript at the link:

http://thedianerehmshow.org/shows/20...nline-security
 
Old 12-22-2012, 01:10 AM   #2
kooru
Senior Member
 
Registered: Sep 2012
Location: Italy
Distribution: Slackware, NetBSD
Posts: 1,228
Blog Entries: 4

Rep: Reputation: 256Reputation: 256Reputation: 256
Thanks, i'm reading now!
 
Old 12-26-2012, 07:47 AM   #3
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,231

Rep: Reputation: 1071Reputation: 1071Reputation: 1071Reputation: 1071Reputation: 1071Reputation: 1071Reputation: 1071Reputation: 1071
Passwords certainly should not be used for most security applications, except to decrypt user-keys.

The analogy is simple... when you go to work today, is someone standing at the door asking you to "say the magic word?" No. You swipe your badge, which was issued to you and only to you, and which you cannot replace if you lose it at the local bar. (If you do lose it, the security department immediately invalidates it, so that the other drunken fool can't get in.)

Meanwhile, no one else is inconvenienced. (They're just as hung-over as you are, but they didn't lose their badges.)

The key is encrypted so that no one else can "trivially" use it after stealing your laptop at the airport coffee-shop (because you were too hung-over to lock it to the table). But the key is unique, and it is unforgeable. That's where the security comes from. If your employer fires your besotted , say for public drunkenness, no one else is inconvenienced.

Last edited by sundialsvcs; 12-26-2012 at 07:49 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Passwords are made obsolete with Mozilla’s BrowserID LXer Syndicated Linux News 1 07-16-2011 10:55 AM
[SOLVED] Keepassx doesn't show passwords Mr. Alex Linux - Software 6 12-01-2010 07:03 AM
LXer: VMware Ousts CEO Diane Greene LXer Syndicated Linux News 0 07-08-2008 11:00 PM
Sync MySQL passwords with local account passwords? turbine216 Linux - Software 2 02-18-2005 03:15 AM
Completely uninstalling MySQL and its passwords passwords...how? I locked myself out! Baix Linux - Newbie 2 01-30-2005 04:10 PM


All times are GMT -5. The time now is 08:37 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration