[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Cryptography] Possible reason why password usage rules are such a mess
On 11/17/20 8:42 PM, Sven Semmler wrote:
On 11/17/20 7:45 PM, Kent Borg wrote:
First, why should we trust that the user's machine that it is running
on is secure? People get infected by malware all the time.
I agree that this is a giant problem, but it's not specific to the
password manager. Once your machine is compromised a simple keylogger
will quickly render any and all password strategies (including writing
them down on paper) useless.
No, paper is still better than an all-eggs-in-one-handy-basket approach.
For the manual case a key logger still needs to catch each being
password used. Much less juicy target. Much harder problem for the attacker.
The cryptography mailing list
cryptography AT metzdowd.com