
ToadCast 008 - Just use a password manager
We are back! ToadCast 008, I was joined by Jonathan Jordan to discuss password security, programmer mentality and philosophy, and more!
ToadCast can be found on iTunes. Check us out and give us a rating.
We now have a handy form for you to submit your questions, topic ideas, and tips! Yay. Give it a try.
Thanks for listening.
Topics discussed:
- Feeling Overwhelmed as a programmer
- Philosophy of expectations in our industry
- Password Security
- Password Managers
- CSS news
Show Notes:
- TodoMVC
- The Myth of the Specialized Programmer
- Don't worry. We all feel overwhelmed
- Thomas Fuchs on XKCD password security comic
- XKCD - Password Strength
- I'm sorry, but were you actually trying to remember your comical passwords
- Avoiding Risky Password Rules
- The only secure password is the one you can't remember
- Security Now!
- Happy birthday Chrome!
- Amazon announces new Kindle products
- position: sticky;
- Mozilla Dev Derby
- js13kGames
- 140byt.es byte saving techniques
- js1k Minecraft submission - holy crap!
- Kishi Bashi - Manchester (live)
- Building Atari with CreateJS
- Developing Backbone.js Applications
- The Oregon Duck - Gangnam Style Parody
Comments
I drunkenly wrote all my thoughts about it here. Hopefully, it won't be modded out.
This is my favorite ToadCast, so far!!! Happy birthday, bro. Thanks for the pollywog mention, even if you are looking for something else!
I should also add that my template engine handles templates better than microtemplate. It can elegantly print single-quotes, and has better error-handling, among other things. I think backbone is awesome, and I agree that javascriptMVC has grown a great bit since we were using it.
Check out web2py for python awesome CMSness. Python is super-rad. It was designed as a teaching language, so it fundamentally has all the features of every other language, but little of the problems of many.
I think some language experience can teach you truly awful habits, like BASIC, VBA, Coldfusion, and even ASM! You have to tailor your experience around actual need and interest, I think. BASIC & ASM jump/gotos are bad for lots of paradigms, for example, even if it can give you a leg-up in your programming process, especially over non-programming experience, in general.
My inner-huckster drives me to succeed, and I hope that voice never goes away.
"hackers gonna hack" priceless. Also: true. if you can do a thing, and deem it even moderately secure, in general people will wanna break it.
passwords: echo `head /dev/urandom |md5``head /dev/urandom |md5` |sed YOURTRICKSHERE
hint replace [0-9a-f] with yer magix that are comprised of random [g-zG-Z].
now, use a manager.
FTP password security is a kind of oxymoron. It's plaintext over unknown bad-peeps wires, you know...
I want raspberry MUDs! Do this, Robbie, I will help. Also, let's go to these limestone caves, and get the original crystal caves cart stache, yo!
Also, as an ex-toady, who deeply loves MetalToad, I would like to talk on your podcast. I have a musical background, if that makes a difference, and I am the less refined of you 3, so we can have a kind of rags-to-riches, wuthering-heights reality-tv scenario, metalcasters.
Sat, 09/08/2012 - 20:58
Advertisements... We don't see them, we don't understand them, don't waste your monies!
Sun, 09/09/2012 - 00:25
So, this is a MUD engine running on node.js
https://github.com/shawncplus/ranviermud
All JS, YML, and modern with built-in telnet server! Maybe we could add a cute web client with socket.io...
Also, rather than getting Crystal Castles carts, from Atari-cave, we could just cram our awesome MUD in an atari cart: http://goo.gl/SjMkB Astroids is a buck on Ebay.
Tue, 10/16/2012 - 00:54
The article on troyhunt.com seems to have almost willfully misunderstood the XKCD password comic. Strong, memorable passwords are not mutually exclusive with a password manager. Indeed, as he acknowledges near the end, such a password is a requirement for successfully using a manager.
The biggest threat to password managers right now is malware – a program that copied your encrypted data files, combined with a keylogger, could steal all your passwords in one fell swoop. There's some evidence that this is already happening. On the balance I still think the benefits of a password manager outweighs the risk, but the risks are real.
Sat, 09/08/2012 - 05:06