This is sophware's Typepad Profile.
Join Typepad and start following sophware's activity
sophware
Recent Activity
This article seems like good knowledge, in-depth analysis, and bad advice. There's no easy solution, but this implementation would be disaster.
Gawker and J. Random aren't necessarily the real problems (especially with the options of cascade of passwords, LastPass, KeePass, Password Safe, SuperGenPass, home-made transform using hash algorithm, etc.). Examples of real problems: Using the same password everywhere, passwords that can be reset via email or challenge questions, and sites that don't allow strong passwords. The idea in this article would be a real big problem.
7 ways, just off the top of my head, to pwn someone with this "centralized risk:"
http://sophware.posterous.com/even-coding-horror-may-not-have-a-good-answer
Commented Dec 16, 2010 on The Dirty Truth About Web Passwords at Coding Horror
The Dirty Truth About Web Passwords
This weekend, the Gawker network was compromised. This weekend we discovered that Gawker Media's servers were compromised, resulting in a security breach at Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot. If you're a commenter on any of our sites, you prob...
sophware is now following The Typepad Team
Dec 16, 2010
Subscribe to sophware’s Recent Activity
