#. User registers an account with a careless service, eg Facebook, Yahoo,
Google, Equifax etc. etc.
-#. The service is hacked and the password database is leaked
-#. The hacker logs in to the email accounts
+#. The service is hacked and the password and email is leaked
+#. The hacker logs in to the email account
#. The hacker resets passwords on all important accounts tied to that email
address
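Review bot: In the added step "The hacker logs in to the email account", the jump from a leaked service password to an email login only holds when the user reused that password for the email account, and the list never says so. Spell the assumption out in that step, for example "The hacker tries the leaked password on the email account". Also, "the password and email is leaked" should read "are leaked".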
* Tr0ub4dor&3 -> 28 bits of entropy, hard to remember
* correct horse battery stable -> 44 bits of entropy, easy to remember
-Use passphrases everywhere you have to remember.
+If you have to remember it, use a passphrase.
-Generate passphrases with Diceware
-==================================
+Generate passphrases with Diceware_
+===================================
1. Roll 5, 6 sided, *physical* dice
2. Read the numbers left to right
3. Find the word with that number on a list 6^5 (7776) words
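Review bot: The new title "Generate passphrases with Diceware_" places a hyperlink reference inside a section heading, and with the ".. target-notes::" directive added at the end of this file docutils will also attach a footnote reference to the title. Consider keeping the heading plain and linking Diceware_ from step 3, where the word list is mentioned. While touching this slide, the context line "on a list 6^5 (7776) words" is missing an "of".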
green address bar, or a green lock icon or similar in your browser
* Use two factor or two step authentication everywhere if possible
* Turn of automatic image rendering. Better still, disable HTML rendering and
- authoring entirely
+ authoring entirely in your email client
* Be suspicious of *all* emails. Risky things: HTML email, images, unknown
sender, poor spelling/grammer, 'Your email client can't display this email,
click here to view in your browser' or similar attempts to coerce you to click
on things
+
+Resources
+---------
+
+`EFF notes on Diceware`_ They generally have good advice for these kinds of
+topics.
+
+`This Presentation`_
+
+`Keepass`_, an offline password manager
+
+`1Password`_, a pay to use password manager with some nice features
+
+`LastPass`_, an online password manager with a gratis tier
+
+.. _Diceware: http://world.std.com/~reinhold/diceware.html
+.. _EFF notes on Diceware: https://www.eff.org/dice
+.. _This Presentation: https://git.friedersdorff.com/max/intro_dice_and_pmgmnt
+.. _Keepass: https://keepass.info/
+.. _1Password: https://1password.com/
+.. _LastPass: https://www.lastpass.com/
+
+
+.. target-notes::
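Review bot: The target ".. _Diceware: http://world.std.com/~reinhold/diceware.html" is the only link in the new Resources block that is not https, and it is the one readers follow to get a word list. Use an https URL if the site offers one, or point readers at the EFF page already listed. Minor points in the same hunk: the context lines still read "Turn of automatic image rendering" and "spelling/grammer", and the two blank added lines before ".. target-notes::" can be one.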