The days of using one password for everything should be far, far in the past.
That's precisely what you do when using "default" LastPass. One master password to rule them all. For LastPass in particular there's a variety of supported multi factor authentication, like Google Authenticator to Yubikey. See https://helpdesk.lastpass.com/multifactor-authentication-options/
Christoph
2015-11-13 13:12 GMT+01:00 GorillaWarfare <gorillawarfarewikipedia@gmail.com
:
+1 for LastPass. Write it down and stick it on your desk if you need to—the likelihood that your passwords will be compromised by someone physically breaking into your home is minuscule (and if so, you have much larger things to worry about). More conveniently, use password management software like LastPass, KeePassword, or 1Password. The days of using one password for everything should be far, far in the past.
– Molly (GorillaWarfare)
On Fri, Nov 13, 2015 at 7:06 AM, Edo de Roo edoderoo@gmail.com wrote:
https://lastpass.com/f?171486 <-- a good password tool to remember all those long passwords
Yes, remembering short passwords is easier. But nowadays you might have like 400 passwords, and they should all be different (or you do not manage them by yourselve (alone)).
LastPass is one of the tools out there that can handle that for you, among others. I now use LastPass for several years, it's free, I believe it's safe (safer then 123passw everywhere) and it never let me down.
Edo
2015-11-13 11:16 GMT+01:00 James Alexander jalexander@wikimedia.org:
On Fri, Nov 13, 2015 at 1:23 AM, Lodewijk lodewijk@effeietsanders.org wrote:
Were only the admin passwords compromised, or also the passwords of the list members (who can set a password to view the membership etc)?
Lodewijk
All passwords were reset, including list member passwords. Because list member passwords can go through a "retrieve password" + they get periodic reminders automatically mass emails about those resets were not sent out however. (I believe we may be adding a note in the auto reminder about how they were reset... but not entirely sure, I will leave that for ops)
James Alexander Manager Trust & Safety Wikimedia Foundation (415) 839-6885 x6716 @jamesofur
Listadmins mailing list Listadmins@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/listadmins
-- [I don't print e-mails. Do you?] http://gplus.to/edoderoo _-=-_ edoderoo.nl
Listadmins mailing list Listadmins@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/listadmins
Listadmins mailing list Listadmins@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/listadmins