From owner-freebsd-questions@FreeBSD.ORG Wed Jun 11 19:47:05 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 470BC1065670 for ; Wed, 11 Jun 2008 19:47:05 +0000 (UTC) (envelope-from jeffrey@goldmark.org) Received: from out1.smtp.messagingengine.com (out1.smtp.messagingengine.com [66.111.4.25]) by mx1.freebsd.org (Postfix) with ESMTP id 151A68FC0C for ; Wed, 11 Jun 2008 19:47:04 +0000 (UTC) (envelope-from jeffrey@goldmark.org) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 5B8CF114B00; Wed, 11 Jun 2008 15:47:04 -0400 (EDT) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Wed, 11 Jun 2008 15:47:04 -0400 X-Sasl-enc: Jc79dfZCQzIKgBllowJQ6O0hFWS+TTLtfV+9CwtZS+Zp 1213213624 Received: from hagrid.ewd.goldmark.org (n114.ewd.goldmark.org [72.64.118.114]) by mail.messagingengine.com (Postfix) with ESMTPSA id DFE992BB44; Wed, 11 Jun 2008 15:47:03 -0400 (EDT) Message-Id: <85FE1FA5-D917-43D8-B959-C70A00A41A7A@goldmark.org> From: Jeffrey Goldberg To: freebsd@celestial.com In-Reply-To: <20080611163515.GA8032@ayn.mi.celestial.com> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v924) Date: Wed, 11 Jun 2008 14:47:03 -0500 References: <484F7CBE.5060401@lc-words.com> <20080611161436.GA9276@slackbox.xs4all.nl> <20080611163515.GA8032@ayn.mi.celestial.com> X-Mailer: Apple Mail (2.924) Cc: freebsd-questions@freebsd.org Subject: Re: generating random passwords X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2008 19:47:05 -0000 On Jun 11, 2008, at 11:35 AM, Bill Campbell wrote: > One of the biggest problems with random passwords is that they > end up written on yellow-stickies on the monitor or under the > keyboard. I'm going to take this opportunity to preach. Everyone should be using a good password management system. Otherwise people will use either weak passwords or will use passwords which are predictable from other passwords. (That is using the same password or variants of the same password for many separate realms.) I don't run FreeBSD on desktops so I haven't looked at the various tools available. On OS X, I use 1password which makes excellent use of the OS X Keychain system, and has terrific webbrowser integration. I'm fairly sure that the Apple Keychain libraries have been or can be ported to FreeBSD, but it might require GnuStep. On Window's I recommend Password Safe. In ports, sysutils/pwsafe provides a CLI utility that can manage Password Safe data. And security/gorilla provides a tcl/tk GUI for pwsafe. I've used both on OS X, and the work fine, but I much prefer 1password in that environment. I've never looked at things like kwallet or other Unixish password management systems. But once again, I recommend that everyone use a proper password management system. -j -- Jeffrey Goldberg http://www.goldmark.org/jeff/