[Lab] Plain text password

Justin Hornosty jjrh70 at gmail.com
Tue Nov 10 12:35:06 EST 2015


Chris de Groot writes:

> My recommendation is we must figure out a way to secure the
> passwords. It's cool and stuff to run the service, but it is too much
> of a danger as it stands today, we must assume it will get stolen and
> that not everyone will read the notes on how to select a password for
> the mail list. I think it would be valid to consider a hosted
> community service that takes away all these responsibilities from the
> folk who provide enough time to keep it running, but maybe not enough
> time to keep it safe. Google groups maybe an option.

Someone else had said that the fix is easy - you update the mailman.

http://wiki.list.org/DOC/How%20do%20I%20turn%20off%20passwords%20completely%3F

I personally use: http://www.passwordstore.org/ and pwgen
http://linux.die.net/man/1/pwgen (I think pass has this built in
actually) to manage passwords for various websites.

There are other ones out there, but 'pass' has the advantage of running
in the command line and uses standard GPG encryption.

-jjrh



More information about the Lab mailing list