[Labs-l] 2-factor shell auth (was:second attempt to request alternative login server)
Leslie Carr
lcarr at wikimedia.org
Wed Mar 6 18:45:30 UTC 2013
On Wed, Mar 6, 2013 at 10:19 AM, Matthew Walker <mwalker at wikimedia.org> wrote:
>> [removed garbage about password auth being wonderful...]
>
> I don't feel passwords are any more or less secure than keys. In some cases
> keys can be even less secure if you're doing agent forwarding.
Yes passwords are less secure than keys - egads. The amount of
entropy in a key makes it impossible to brute force in this day and
age (https://www.youtube.com/watch?v=BA6kG-tOkBs) versus passwords
which have much less entropy. You should still password protect your
key in case your laptop/key storage is accessed.
--
Leslie Carr
Wikimedia Foundation
AS 14907, 43821
http://as14907.peeringdb.com/
More information about the Labs-l
mailing list