|
|
10.4: Random password widgets may not be random
I wonder if somebody can create a widget that just uses data from random.org to get truly random data - then convert it to text/numbers. or somthing.
10.4: Random password widgets may not be random
A Widget could use /dev/random ? for example:
$ xxd -ps -len 16 /dev/random
3974068a64fb51db4fb1405173788d1f
10.4: Random password widgets may not be random
For the sake of paranoia, I'd be wary of using any online source of randomness to generate passwords. You don't know what they may or may not be logging, and who may or may not be sniffing somewhere on the route between you and them.
10.4: Random password widgets may not be random
Get about 200 random numbers. Take the last few numbers and use them to determine which of the 200 numbers to use in making the password.
10.4: Random password widgets may not be random
Geeze. If someone sniffs your traffic, he also knows what algorithm you use. This means he also knows which of the 200 numbers you'll finally use.
10.4: Random password widgets may not be random
Except if you get a 10 MB random bit dump from random.org, and then use part of the file to pick where in the file to pull out a few bytes of random data, it's inconcievable that someone with a packet sniffer could figure out your strategy. That said, /dev/rand is fine AFAICT
10.4: Random password widgets may not be random
Oh, i see, this is for a widget. Yeah, you're right. It would need to be combined with a local source. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.12 seconds |
|