-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 04/30/2015 08:45 PM, jim bell wrote:
It would make _a_bit_ more sense if a person appended a fixed randomized string (of their OWN construction, one that nobody else knows...) to their usual password, perhaps AFTER ALSO customizing that password using the name of the website too. However, it would certainly be
I know a couple of folks who travel regularly who use this: https://github.com/gardners/whirlenig Their usage model is this: Unique Whirlenig disks are generated and used for their passwords. The passphrase used to generate the unique Whirlenig disk is memorized. They travel with a burner laptop with no local password storage or sensitive information, just Git installed. At the destination they check out the repo and re-generate their Whirlenig disk, then print and assemble it locally. The Whirlenig assembly is securely destroyed (I presume by burning, I don't ask) prior to departure. I don't know what their on-storage cache destruction protocols are like (my guess is RAMdisk, no swap on storage). - -- The Doctor [412/724/301/703/415] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "Oh, boy." --Sam Beckett -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJVQ7pyAAoJED1np1pUQ8RkFfgQAIrU0DfFTd1ZT6FqYiPqVOaM svrHz244Pq3+8aCObkWOG5FzJJXfAtDllqwt+KRYT68t/mnm+XxuuMU81K5I+HXq K8y6oKBY4536zZJR66/RpqTo/gsfPh9qE52vh4ygXCohcjhwSzcrneEWZthnCd0u ocKbLi1vKyyU3qderKpNd+jH0JWtIo+IRAWiIUDV94X4wS9QruNltouC7Q+gNkQy n6AQYfNQK5S08i0B/6dUxT6Y80jHNVGLuciAnuQ7EKkK3ZUV27FwKFXQikYctglN 4StVn4iRfhGcqv8wPkKc0Yp7eX3PlcuehHldQ/67oXzGX/+1lBi/xY+m+Ic3wmGN ZwazEtiTR9ioqrL28rsN+jM3Gi23EqBWhskigUu5q74bdIjjOIVz9calzO9/w4rR QHzm9ZjM0RX2QAQxPAO1VLFrut3NDiWmMYQ5qaGypsSNNOh44s3Ed1DctFbWtUbp SEP8+w6MMuJ0Mf/wcOmXwob4tT/pHbcw4xieB9pu0FzxeqEmwkf6Xxqf5DT7Zv2h jaG0Y3AVP4VHFjMb0Kz/W5/RebuXc/qxQLxhuPKHud+rShPyi2ljGf5EkP7Onao6 pauBAPAsCE6eDbY/6t23YyY4MmQN3wU043iWiYmlXU5mtTBGXLJ24pZmRohXAerU SoY0MNGBCiVD5D7EwBSD =qwpq -----END PGP SIGNATURE-----