[Cryptography] Cost of remembering a password
Michael Kjörling
michael at kjorling.se
Sat Aug 16 13:59:13 EDT 2014
On 16 Aug 2014 09:18 -0700, from bear at sonic.net (Bear):
> Until you build one of those, I'm going to continue using an
> iron box for a password manager. Integrating a software
> password manager is a failure because it puts trusted software
> on non-trustworthy hardware.
Who said you'd be forced to use it at all? Password managers are great
for the vast majority of people for precisely the reason that they
allow the generation and use of long, high-entropy passwords by beings
who simply aren't wired to remember a large number of distinct, long,
high-entropy strings.
If you're worried about your password manager doing something it
shouldn't, then what's to say the browser can be trusted?
--
Michael Kjörling • https://michael.kjorling.se • michael at kjorling.se
OpenPGP B501AC6429EF4514 https://michael.kjorling.se/public-keys/pgp
“People who think they know everything really annoy
those of us who know we don’t.” (Bjarne Stroustrup)
More information about the cryptography
mailing list