Encryption

A solution for safely remembering your password

PasswordCard is a customizable solution for picking and remembering passwords similar to the charts banks have been using for online banking login. Here is how it works:

  1. The Web site uses a reference key to generate a PasswordCard. In this example it is 3139514585bbbd70. You can safely write your key down and store it somewhere. If someone gets hold of it, they cannot guess your passwords.
  2. The PasswordCard features a grid of random code divided in columns of symbols and lines of different colours:

    You can download that PasswordCard and print it on paper to carry with you.
  3. When you need a password, just remember the symbol and the colour that determin where your password begins. To make it even harder to crack, you could be reading the random code in other ways than from top left to bottom right. You could for example read it in diagonal or in Zig zag. The point is to pick a pattern for each password that you can easily remember.
    For example an 8 character password, from clover column and pink line, from top left to bottom right reads:
    MWqvp9YF

Should your PasswordCard get lost or stolen, the person who gets their hands on it will still be missing four informations to read the password:

  • password length
  • symbol column
  • colour line
  • reading direction

With your key code, you can go on the Web site any time and extract the same key to print again.

Share

Digital privacy
Encryption
Security

Comments (0)

Permalink

British anti-leaking guidelines document leaked

Following several cases of data irresponsibility, namingly government officials “losing” unencrypted classified information, the British Ministry of Defence compiled a document outlining how to prevent confidential information from being leaked to the Internet.
Problem is, that very document has just been leaked to the Internet.
Bummer!

Share

Data irresponsibility
Encryption

Comments (0)

Permalink

simple reasons as to why Windows Live sucks

I’ve started using my Microsoft Hotmail Windows Live account again, and it didn’t take a hard look to find 2 reasons why it is vastly inferior to Google Mail:

  1. Informations are passed on a transparent HTTP connection. Gmail uses encrypted HTTPS all session long.
  2. Windows Live allow me to search keywords in ONE message at a time. Gmail allows me to search keywords in the frickin’ thousands of email I have been getting since opening my account.

Way to go Microsoft, Bing! must be a big threat to Google if you’ve put the same attention to detail in developing it.

Update: last week, Microsoft reported that thousands of Hotmail accounts were exposed over a phishing attack. I know better than to click on an email link to log into my account, so it seems that many of those exposed accounts were used to corrupt the Hotmail network, including my own account. I got about 20 spam mail allegedly sent by contacts, and 10 mail sending failure notices to contacts from my Hotmail list. I proceeded to change my password, and it now seems that the Hotmail spam filter is temporarily disabled, letting all the junk mail reach my inbox. I’m sure this is prompting a lot of long time Hotmail users to move to a more serious provider like gMail or Yahoo.

Update: Turns out my vacation reply has somehow been activated, featured the same text I’ve seen on and on, and was set to reply to every incoming mail (which according to Microsoft makes me more vulnerable):

Dear friend,
how were you going? I would like to introduce you an really good space,there are mainly run various kinds of famous electornic products, it’s true charm pioneer.Now the company is under promotion, all of the products are sold nearly as the same as their cost.
Charmpioneer renders the best service to customers, and provides you with original products which are very cheap, but good-quality.
It is really a good opportunity for taking action, let’s go,just do it, and you will fall in love with it.

The web address: (www.)brcian.com

Update: Now I noticed that my contact list has completely dissapeared whenever I connect with an IM client.

Share

Bloatware
Cybercriminality
Data irresponsibility
Digital privacy
Economic sustainability
Encryption
Google
Internet
Messaging
Migration
Phishing
Security
Spam
Vulnerability

Comments (0)

Permalink

U.S. Department of Defense to teach migrating to open-source software

I have written about the United States National Security Agency contributing to information security (with its release of the SHA cryptographic hash functions) and a set of modifications that can be applied to Unix-like operating systems, such as Linux and BSD.

Now, the United States Defense Information Systems Agency (a division of the Department of Defense), has started running seminars on migrating to open-source software. That’s a pretty strong endorsement for open-source.

Read more on Cnet.com.

Share

Digital privacy
Economic sustainability
Encryption
Migration
Open
Security
Vulnerability

Comments (0)

Permalink

One of the reasons why I love Open Source

One of the facts that made me decide to get an android phone was the availability of KeePass, an open-source encrypted database software that allows to securely keep all critical password and numbers at hand.

Brian Pellin  is the volunteer software developer who singlehandedly compiled and maintains KeePassDroid, the android version of KeePass. Being an industrial designer, and having a long experience in graphic design, I contacted Brian on July 12th 2009 to offer some assistance. He replied within 24 hours and I got back to him with an android-specific launcher icon for KeePassDroid, and a few suggestions for fine-tuning the user interface.

What do you know? Three days later Brian was already publishing an upgrade to the software, featuring the GLP’ed launcher icon and the interface tweaks. Now where else do you find software that implements user feedback so fast? Two thumbs up for Brian Pellin and Open Source!

Share

Android
Cross-platform
Digital privacy
Economic sustainability
Encryption
Mobile computing
Open
Review

Comments (0)

Permalink