Дата публикации: 2017-10-12 19:03
Enter developer Nick Sypteras , who wanted to solve the problem of coworkers requesting his attention while his headphones were on. Working in a cubicle, he wrote, “There’s no way for a visitor to my desk to get my attention other than by waving their hand in my face, making loud noises behind me, etc.” So he broke out the soldering iron, a Staples Easy Button, and an Adafruit microcontroller.
Passwords are bad and dumb. But so is everything else. Fingerprints can be stolen, two-factor texts can be rerouted, keys can be copied. As tech reporter Quinn Norton put it, everything is broken , and as writer/programmer Dan Nguyen put it, everything is (even more) broken. Security technology is a race between the good guys and the bad guys, and it’s just impossible to have perfectly secure technology without sacrificing many of that technology’s benefits.
The best answer to that is a very long string of words. As the webcomic xkcd famously pointed out, a bunch of plain words is pretty good. But as many hackers use “ dictionary attacks ” to guess regular words, it’s best to add some capital letters, special characters, or numbers.
You just need to remember one password: The one that locks your password manager. Follow all the rules above to create a strong master password, especially if you sync your data. Otherwise, if your password service ever gets hacked, the hackers will also guess your weak master password, and they will swim around in all your accounts as in a silo of Scrooge McDuck money.
Home About Us Testimonials Planning Advice H ow It Works Purchase Contact Us Agents Business Planning Sitemap
First generate a random, secure password with your password manager. Then amend that password as minimally as possible to comply with the service’s specific rules. Do your password editing inside your password manager, so it can alert you if you’re turning a strong password into a weak one.
Cloud-based services like 6Password and LastPass are more vulnerable to remote attacks. But because they heavily encrypt your data and don’t store your master password , you’re still safe even if those services are hacked—as long as your master password is too hard to crack. (You can also sync your encrypted password file with Dropbox or Google Drive a hacker would still need your master password to unlock it.)
Sypteras wrote the code to send his Slack alerts in MicroPython , a version of the programming language designed for microcontroller boards. The Adafruit Feather HUZZAH microcontroller listens for a change in value based on whether the button was pressed.
So once you’ve set up your password manager, replaced all your passwords, and enabled two-factor authentication, don’t think your work is done. Some day everything will move onto a new security system, and you’ll have to adapt. That’s the price we pay for putting our lives online.
And don’t get clever with thematic or personally meaningful passwords. Sometimes humans do try to crack passwords, so don’t help them out by using your son’s birthday or the phrase printed on your favorite coffee mug.