LinkedIn password database compromised

Thu Jun 7 16:53:00 UTC 2012

On 6/7/2012 8:58 AM, Jared Mauch wrote:
>
> On Jun 7, 2012, at 2:14 AM, Aaron C. de Bruyn wrote:
>
>> Imaging signing up for a site by putting in your email and pasting
>> your public key.

> I'm imagining my mother trying this, or trying to help her change it
> after the hard drive dies and the media in the safe deposit box
> doesn't read anymore.

There are other issues than not being familiar with technology, and they 
specifically affect those of us who have grown older, and lost certain 
dexterity that used to be innate. There are passwords and pass phrases I 
used to have committed to muscle memory. I never even had to think about 
them. I've had to spend literally hours trying to type in a PGP pass 
phrase that used to be something I could type without thinking.

There is no one size fits all solution to this. I'm still very annoyed 
with a company that has only now moved to a password solution that 
should have been in place in 2005. I still don't want single sign on. 
Not anywhere. I've been around for a very long time, and I'm fine with 
technical complexity for me, but do not expect the standard 16 year old 
text messaging addict to be able to handle some of the solutions I've 
seen suggested, much less most people my age.

Things are so complex now that people on nanog-l forget the average 
level of expertise among their peer groups is simply not replicated in 
the outside world. Jokes about needing a teenager to reprogram your VCR 
are a thing of the past. I used to be in the business of forecasting the 
future (among other things), and any security solution that is more 
difficult than knowing not to use the same password for your bank that 
you do for Facebook is doomed to fail.

{P.S. Ditto on thanks for backup DNS.}

-- 
A picture is worth 10K words -- but only those to describe
the picture.  Hardly any sets of 10K words can be adequately
described with pictures.