Posts
-
一条密码走天下 - 1pass4all简介
(
gathering comments...
)
February 26, 2012
在这个互联网时代,网络账户大都是以用户名与密码组合的形式来鉴别的。由于 用户名一般是公开的,密码安全就显得至关重要了。设计一个好密码绝非易事,既要 足够强壮又要易记难猜。强密码的一个典型特征是熵(entropy)值高,通俗地说是 随机性强、规律性弱。那些用有规律或广为人知的数字序列或字串组成的密码固然不满足此条件, 一个长度不够、字符取值范围不广的密码在暴力破解面前同样弱不禁风。此外,有些密码 看似强壮,但如果与用户的个人信息紧密相联,也容易被知情人猜出或缩小检测范围。 事实上,绝大多数用户的密码要么不够强壮、要么容易猜测、要么(也是更多的)兼而有之。 去年底爆出的“密码门”事件再次佐证了这一点。... Read more
-
One Pass For All - An introduction to 1pass4all
(
gathering comments...
)
February 21, 2012
As an internet user, you probably have a bunch of web accounts. With few exceptions, all of them are password-protected. To keep these accounts as safe as possible, you have to figure out a set of strong yet easy-to-remember and hard-to-guess passwords. Moreover, these passwords shouldn’t be the same as or similar to each other, or more strictly, the relationship among these passwords should be hard to detect. Otherwise, if one of them is compromised, so are the others. With the number of accounts growing, password maintenance tends to be a thorny issue. That’s where the... Read more
Projects
- pybox - a Python API/client that manipulates files on box.com(a.k.a box.net)
- 1pass4all - a bookmarklet to create passwords easily and securely
- vimconf - vim configuration