WinZip to the rescue
David Cantrell
david at cantrell.org.uk
Fri Nov 23 14:28:13 GMT 2007
On Fri, Nov 23, 2007 at 01:45:21PM +0000, Nicholas Clark wrote:
> Secondly, I was assuming that a phone call (providing each party recognises
> the other's voice) is more secure than a fax, if you care about other
> individuals inside the receiving building (possibly unauthorised)
> intercepting and copying the password, as typical fax machines aren't
> securely located. Although "secure password" probably contains things that
> are hard to spell out, which might make that a bad plan.
A good password is both hard to guess and easy to remember. Random
strings of characters are hard to remember. The best scheme I've ever
seen is the one that Compuserve used to use - have a big dictionary,
pick two words at random, and glue them together with a number or
punctuation character. So your password is relieves8breakfast instead
of hm4d>`*>g5.
And yes, there's nothing wrong with Winzip 9 for this situation, but fax
is bad. I'd phone the person to whom you're sending the encrypted list a
few minutes later, confirm that the email has arrived, perhaps asking for
a magic word in plain-text in that email, and then tell them the
password.
--
David Cantrell | Official London Perl Mongers Bad Influence
I think the most difficult moment that anyone could face is seeing
their domestic servants, whether maid or drivers, run away
-- Abdul Rahman Al-Sheikh, writing at
http://www.arabnews.com/?article=38558
More information about the london.pm
mailing list