Hacker News new | ask | show | jobs
by dmfdmf 3477 days ago
Or put them on a yellow sticky under their mouse pad.
1 comments
guelo 3477 days ago
A sticky note is very secure against remote attackers.
link
benchaney 3477 days ago
Which is good enough in most cases. If an attack can walk in and physically tamper with you computer peripherals you generally have bigger problems.
link
hackuser 3477 days ago
As a very general rule, most attackers are insiders.
link
user5994461 3476 days ago
Insiders are easier to identify and deal with. Be it a rogue employee or a nasty sister.
link
mulmen 3477 days ago
There is no password policy that protects against rubber hose cryptanalysis.
link
e12e 3477 days ago
Sure there is. I believe the classical approach is cyanide in a false tooth.
link
AstralStorm 3477 days ago
A less classical is divulging a self destruct/lockout password.

Pity so few systems support this.

link
jon-wood 3477 days ago
That's going to go badly for you the moment the attackers realise what you've done. Admittedly they'll no longer be able to compromise the account, but you better really care about that.
link
inopinatus 3477 days ago
How about ... a duress code that diverts to a system that looks like the real one but actually contains disinformation (possibly including a misdirection that makes them think you were on their side all along, so that they let you go)
link
nkristoffersen 3477 days ago
related: https://xkcd.com/538/
link