From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 385E6138334 for ; Sun, 10 Feb 2019 16:12:29 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7D8F0E0984; Sun, 10 Feb 2019 16:12:22 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 05B19E0953 for ; Sun, 10 Feb 2019 16:12:21 +0000 (UTC) Received: from localhost (unknown [91.246.99.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: bircoph) by smtp.gentoo.org (Postfix) with ESMTPSA id D52EC335D01 for ; Sun, 10 Feb 2019 16:12:17 +0000 (UTC) Date: Sun, 10 Feb 2019 19:12:13 +0300 From: Andrew Savchenko To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Coming up with a password that is very strong. Message-Id: <20190210191213.f143979ac631765a9dbb6837@gentoo.org> In-Reply-To: <8d027455-f210-c399-f5a7-bfb05692cc5f@gmail.com> References: <8d027455-f210-c399-f5a7-bfb05692cc5f@gmail.com> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; i686-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="PGP-SHA512"; boundary="Signature=_Sun__10_Feb_2019_19_12_13_+0300_xXEYolV0MW0Xi0SG" X-Archives-Salt: c9e733fc-af04-4b20-905f-ebdc9df00592 X-Archives-Hash: 854bd39c73ff4f502995191accc3ffad --Signature=_Sun__10_Feb_2019_19_12_13_+0300_xXEYolV0MW0Xi0SG Content-Type: text/plain; charset=UTF-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, 3 Feb 2019 23:47:35 -0600 Dale wrote: > Howdy, >=20 > Some may recall me mentioning using LastPass to manage my passwords.=C2=A0 > Obviously, it can generate very strong passwords that are different for > each site.=C2=A0 It can also remember them as well which makes things more > secure than using just a few passwords for all sites.=C2=A0 One for things > like financial sites, maybe a less secure one for some site you still > want reasonably secure and a even weaker one for sites you don't care > about hacking, and hackers likely won't either.=C2=A0 I know some people = who > do this even today.=C2=A0 Heck, ages ago, I was one of them.=C2=A0 Things= change > tho.=C2=A0 Some passwords can be hacked in seconds by a desktop computer, > including my own if I had the software and knowledge to do it.=C2=A0 >=20 > The one thing about most all password managers, they have a master > password.=C2=A0 That one password unlocks the rest.=C2=A0 Trick is, havin= g that > one be a good one that is easy to remember, type on a keyboard and be > secure, virtually unhackable but also unforgettable.=C2=A0 I've had what = used > to be a strong password for a while.=C2=A0 Thing is, with today's computi= ng > power, it really isn't anymore.=C2=A0 While no one could just guess it, it > could be cracked/hacked I'm sure.=C2=A0 I need to come up with a new one = that > meets the requirements I just mentioned.=C2=A0 Strong, easy to remember, = easy > to type but won't forget.=C2=A0 I've read that using maiden names, years = of > birth or whole dates of birth, actual names, pet's name, words in a > dictionary and a whole list of other things makes it easier, especially > if you post a lot on social media, for hackers to use against you.=C2=A0 = I'm > trying to avoid that sort of thing obviously and have a couple ideas but > am curious as to what method others use, without exposing to much detail > since this is public.=C2=A0 >=20 > How do you, especially those who admin systems that are always being > hacked at, generate strong passwords that meet the above?=C2=A0 I've goog= led > and found some ideas but if I use the same method, well, how many others > are using that same method, if you know what I mean.=C2=A0 ;-)=C2=A0 Just= looking > for ideas.=C2=A0 1) Install app-admin/apg. 2) apg -a1 -m40 Best regards, Andrew Savchenko --Signature=_Sun__10_Feb_2019_19_12_13_+0300_xXEYolV0MW0Xi0SG Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE63ZIHsdeM+1XgNer9lNaM7oe5I0FAlxgTV0ACgkQ9lNaM7oe 5I11nRAAqm4ezCQSBKCyRRIR4XLgtfB9IDJqoxN0pw0eeQso1KkffiLdapISofpF rxfTZT6kfcqstxtB/BD/0O+AU82R/+LsH5vbEcBxZwnC7ER11O4gOstbl2h03Lh7 qzYYcAmrm37jmabAzDUypzjCJhGg5pq8r+QPjqkObozDu5Vw5yf1/u7weeWRv4Aj lXRQJCpa8H9DIpMi8+pp3nlLuOQL2mx5BOeeQUJINw00UBPYUN7Fa0etVfOd03hK L5cGFHt7BZMIiBDk95XrW/5PZ+Dc1eI5eVvKe5tfuyTY3a4vUqdDIgLhAtSrXMgD bBMuu/Qx6yheNhtAgc1Rv7DYvxUbXXmQDSFdXxdO1a9b6VCLnTcjU9Sb/AVFtfbk f58G9i/3lEuJDtI2myg+SPaVbABLD5RJrIOun0+cmMZOYWVoWCv/xecp5545IivU MGusDeTO6L8gf6dlSLUN/7v/8g8oYsZiSmXajMCVXDFTPQ/nrvOvNTDclG66QKC0 hZQSM4y0FXfazeuM+8AdcwP96gsox95//hWJr9ZKHHMtMebuQyCiRRKWYsKAxk2x wb2LrsJk+4iOj+EZrLbF4LGygzMQ8T0Rz4pHZac40dUKLlTd7/8d3+O5Z98PbeUy XaOGj6ASJWmQuOX9xA7XuWRtYSFDNRa1merVDQTfzKqsXnxfWXA= =VWq6 -----END PGP SIGNATURE----- --Signature=_Sun__10_Feb_2019_19_12_13_+0300_xXEYolV0MW0Xi0SG--