Links for Today: Passwords

Today I am reviving an old blogging tradition of posting some interesting or useful links with little or no context. Today’s topic: Passwords.

4 fatal flaws in deterministic password managers
Sync-less password managers are trending again, Tony Arcieri breaks down some reasons why they suck.

NIST’s New Password Rules
For developers: I pull this article from the link above, there are a few counterintuitive suggestions in this doc.

TLDR – Just use 4 easy to remember words


Comments

4 responses to “Links for Today: Passwords”

    1. My main takeaway is that you should choose a random 4 words. yes/no?

      1. DanBoulet Avatar

        Yes, you’re right, but if you use common, easy to remember words, you leave yourself vulnerable to dictionary attacks. A long string of completely random characters will usually be much stronger. Another good article which talks about this: http://arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/

        1. This is super fascinating.

Leave a Reply

Only people in my network can comment.