From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id CA104138334 for ; Mon, 4 Feb 2019 19:38:47 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AC17CE0CD0; Mon, 4 Feb 2019 19:38:41 +0000 (UTC) Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com [209.85.160.194]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 4A70DE0967 for ; Mon, 4 Feb 2019 19:38:41 +0000 (UTC) Received: by mail-qt1-f194.google.com with SMTP id b15so1254946qto.8 for ; Mon, 04 Feb 2019 11:38:41 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:subject:to:references:in-reply-to :message-id:mime-version:content-disposition :content-transfer-encoding; bh=eZnKF2YVS+hgTSBSeTpPfwUAeke+vG9MpIo0iHLHRxg=; b=BTf8Xd1pUjGMMfpkY6IM7bchmVCw0s5SYnVUaE4IsNTgagdp3eM6js3elbBqdR3+U7 f8WE5utIugcmTrjIO9r+iyIe7JB13LiYmG+1nUBJgH62iomxj2d8nq9md7kfD/N+OzVp ZfW+RNoJQmCh8dm3sNPWXMhzOcQrBd4Ef60K07XNHHQZVst2eNJTX3Iq3lVD30nPYK6n XvhmBHCbWY1CWLOXf0+W0qOdtcUCLXhs/XhB9JTsFHHHX8nMPFawgICLkwFZVcty/s8B aoPoY/rsLqN7clAxJaoDFEy3ulP3O6/bTmTuDBc5gFAAgdV6Vi0jYwGyja7lqaLCScuT +KAw== X-Gm-Message-State: AHQUAubwN9Ju2upC54Smc56cgO/IMZIyqRt0lpJbqdpbIZQOoA/QAbIr mNL3tLtLUSbCHgKaa5vSfKIe42Gz8nU= X-Google-Smtp-Source: AHgI3IZci+1VXt70omGv3lUAQb1GT1sp2XRzE0NsXKsI0cOtyN1E2nCH8D7HjwrNRlF/fuPA3kN3RQ== X-Received: by 2002:ad4:420a:: with SMTP id k10mr807432qvp.206.1549309120276; Mon, 04 Feb 2019 11:38:40 -0800 (PST) Received: from ffortso4 ([2601:188:180:4f46:1ec1:deff:fe62:b72f]) by smtp.gmail.com with ESMTPSA id a2sm5795223qte.76.2019.02.04.11.38.39 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 04 Feb 2019 11:38:39 -0800 (PST) Date: Mon, 04 Feb 2019 14:38:38 -0500 From: Jack Subject: Re: [gentoo-user] Re: Coming up with a password that is very strong. To: gentoo-user@lists.gentoo.org References: <8d027455-f210-c399-f5a7-bfb05692cc5f@gmail.com> In-Reply-To: (from realnc@gmail.com on Mon Feb 4 06:10:54 2019) X-Mailer: Balsa 2.5.6-141-g03bf588a4 Message-Id: <4T37M4RU.7P6POHFW.VWXHN7BS@VBETV3G5.Q4J4WRJ3.XBFRTPM4> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; DelSp=Yes; Format=Flowed Content-Disposition: inline Content-Transfer-Encoding: quoted-printable X-Archives-Salt: a86d9005-641b-440a-ae7d-f731b7a1ca8d X-Archives-Hash: 224bac5562ac5b820f4829d98573c786 On 2019.02.04 06:10, Nikos Chantziaras wrote: > On 04/02/2019 07:47, Dale wrote: >> How do you, especially those who admin systems that are always being >> hacked at, generate strong passwords that meet the above?=A0 I've =20 >> googled >> and found some ideas but if I use the same method, well, how many =20 >> others >> are using that same method, if you know what I mean.=A0 ;-)=A0 Just =20 >> looking >> for ideas. >=20 > I don't use a password manager. For website logins, I just use the =20 > password manager in the browser (Firefox), which does not use a =20 > master password :-P I just assume my own system is not going to be =20 > compromised. >=20 > For the websites I use, I generate a unique password per site using =20 > this command: >=20 > $ pwmake 128 >=20 > This generates a password using 128 bits of entropy from =20 > /dev/urandom. You need dev-libs/libpwquality being installed (it's a =20 > dep of something important, I think, so should be installed on most =20 > systems already.) >=20 > For remote systems I administer through SSH, I don't use passwords. I =20 > use a public/private key pair to log in (4096 bits.) My private key =20 > is protected with a strong password though, but it's easy to remember =20 > since it doesn't need to change. Something like: >=20 > ilp&mac4d@4*r >=20 > Which is short for: >=20 > I like pizza and macaroni for dinner at four star restaurants. The problem I have with many of these suggestions is that I have =20 multiple devices (two desktops, two laptops, tablet, android phone) I =20 use sufficiently often that I either need to be able to remember the =20 passwords or have some way of easily accessing them when I'm not =20 sitting at my main desktop. Other than using a password manager (which =20 I do not currently have) how to others deal with this? Jack=