With the Snowden based revelations, people have become more aware of security and privacy. The revelations have had extreme affects on some individuals. I can name one for example: PJ who runs/ran Groklaw.
I have been following the site since near it's inception, back when SCO was suing everything and everyone related to Unix. Groklaw performed unparallelled research into the underpinnings of various maneuverings and cases around the subject. Issues relating to privacy, for her personally, became front and center. The fact that the internet and anything flowing through it was being analyzed in various ways caused PJ, for various personal reasons described in her farewall entry, to totally abandon Groklaw.
It is sad that things came to this, particularly for a site as popular as Groklaw.
For those of us still making use of the internet, we have to 'batten down the hatches'. With this heightened awareness of security, I have been spending more time with some cryptography lists and websites. One site of immediate interest is AgileBits, a group who produce multi-platform password management software. While I'm on the subject, RoboForm also produce password management software.
Anyway, back to AgileBits. The company has a blog website discussing password strength, especially for the master password, which protects your stored passwords. One article in particular is good: Toward Better Master Passwords. The weakness of traditional passwords is discussed. And they offer a solution for creating stronger passwords. One of the solutions they suggest is by making use of pass-phrases rather than passwords. To assist with making randomized pass-phrases, The Diceware Passphrase Home Page is suggested as a resource.
The basic technique makes use a random word list and five dice. The dice are rolled to to choose random words from a list. You then use the random words as your pass-phrase. There are additional techniques discussed to make the pass-phrase even stronger if so desired.
The weakness behind this strong password is that one's computer could be compromised with a keyboard sentinel. Working around that issue would be the subject of another article.
