[Lab] Plain text password

Chris de Groot cdegroot at adobe.com
Tue Nov 10 13:00:29 EST 2015


Good personal password management is good and important. I think we need
to stop managing our own mail lists. We are makers and should focus on
making fun stuff (great faire over the weekend BTW). Lets outsource this
to a service that does the security and day to day updates for us.

C.

On 11/10/15, 12:35 PM, "Justin Hornosty" <jjrh70 at gmail.com> wrote:

>
>Chris de Groot writes:
>
>> My recommendation is we must figure out a way to secure the
>> passwords. It's cool and stuff to run the service, but it is too much
>> of a danger as it stands today, we must assume it will get stolen and
>> that not everyone will read the notes on how to select a password for
>> the mail list. I think it would be valid to consider a hosted
>> community service that takes away all these responsibilities from the
>> folk who provide enough time to keep it running, but maybe not enough
>> time to keep it safe. Google groups maybe an option.
>
>Someone else had said that the fix is easy - you update the mailman.
>
>http://wiki.list.org/DOC/How%20do%20I%20turn%20off%20passwords%20completel
>y%3F
>
>I personally use: http://www.passwordstore.org/ and pwgen
>http://linux.die.net/man/1/pwgen (I think pass has this built in
>actually) to manage passwords for various websites.
>
>There are other ones out there, but 'pass' has the advantage of running
>in the command line and uses standard GPG encryption.
>
>-jjrh



More information about the Lab mailing list