[Cryptography] Cost of remembering a password
Guido Witmond
guido at witmond.nl
Sun Aug 17 04:09:31 EDT 2014
On 08/16/14 18:18, Bear wrote:
> Whatever your password manager runs on, is a trusted system -
> ie, one whose compromise could absolutely destroy your security.
> And if it is a conventional system running software, then it
> is running something invisible and modifiable which I cannot
> fully inspect, ie, it is not trustworthy.
>
> We must never create trusted systems which are not trustworthy.
The current design - where people type in passwords - is also considered
a trusted system. It's trusted not to leak the passwords when these are
typed in. The amount of keyloggers show that this trust is not warranted.
Then there is the issue that people do not validate which is the
expected CA that signed a sites' server certificate, turning a TLS into
a trusted system too. What price should we put on that?
Or the price of clicking the "I don't understand, I just have to click
yes to proceed" button. What price should we put on that?
Cheers, Guido.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140817/507629ad/attachment.sig>
More information about the cryptography
mailing list