![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Tooling through the night...
Nov. 30th, 2004 06:11 amIt occurs to me that I am nearing the end of my gig here in Houston. Once I finish tonight's work, I'll have three shifts left and then it's addio Texas! There'll undoubtedly be a ton of things to get done once I get back to Pagosa, not the least of which will be to catch up on all the paper that needs chasing ASAP.
Of course, there's a bit of paper -- in the form of invoices -- that needs to be taken care of down here first. Once I deliver the two invoices now on my laptop, the month is going to look a lot better; in fact, almost normal (although given my druthers, I'd "druther" avoid months where 50% of my total billings are booked on the 30th). Then again, a lot of how that plays out will depend on how the months on either side shape up.
I made some calls today and tightened up my expenses on Internet hosting (reduced the service level on one account, killed another). There's additional slack to take up in that area, but I'll pursue that once I get back to Pagosa.
One big step in the direction of progress had to do with figuring out and implementing changes to my work domain's DNS record that would allow my current ISP to continue to host my commercial (hmph, not very) web site, while at the same time vectoring all my e-mail to my Fastmail account. I've dealt with Fastmail as a paying member for over a year, and as a result of my travels, I've found myself becoming increasingly reliant upon their Web-based service (while at the same time becoming disenchanted with my home-rolled, (relatively) high-maintenance, ssh-based solution involving a Linux box that runs 24/7 in my office). I'm also liking the way Fastmail has enhanced its service lately, offering a fairly straightforward method of uploading and making files available, as well as a tier of membership that includes 2 GB of mail storage without the additional "features" offered by gmail.
* * * The Internet is mad about passwords. It seems half the sites you visit want you to set up a name and password before they let you in, and while this makes sense for banks, it doesn't make sense if all you want to do is find out about the features of a software package.
The conventional rules about passwords make sense, but only if you have one or two passwords to worry about. Here at JSC, for example, the rules enforced for password selection are something along the lines of: no names, dates, phone numbers, or anything that means anything to you; no words that could be found in a dictionary, and so on. Ideally, goes the policy, one's password ought to be a random collection of symbols. To help you along, the system checks to make sure that your password contains at least one lower-case letter, at least one upper-case letter, at least one number, and at least one punctuation mark. To make sure nobody can guess your password over time (this, despite the fact you get locked out if you screw up password entry three times), you are required to also change your password every 90 days, and new passwords are checked to make sure they aren't simple variations of previous passwords.
Ye gods.
I used to keep all my passwords on my Palm computing device, encrypted using a hack called ReadThis!, but primo, HackMaster does not appear to work under newer Palm OS versions, and segundo, I really don't want to have to make my Palm a permanent part of what I carry around with me. Anyone know of a reasonably secure, paper-based scheme for securing passwords that doesn't involve, like, one-time pads or having to shuffle decks of playing cards?
Cheers...
Of course, there's a bit of paper -- in the form of invoices -- that needs to be taken care of down here first. Once I deliver the two invoices now on my laptop, the month is going to look a lot better; in fact, almost normal (although given my druthers, I'd "druther" avoid months where 50% of my total billings are booked on the 30th). Then again, a lot of how that plays out will depend on how the months on either side shape up.
I made some calls today and tightened up my expenses on Internet hosting (reduced the service level on one account, killed another). There's additional slack to take up in that area, but I'll pursue that once I get back to Pagosa.
One big step in the direction of progress had to do with figuring out and implementing changes to my work domain's DNS record that would allow my current ISP to continue to host my commercial (hmph, not very) web site, while at the same time vectoring all my e-mail to my Fastmail account. I've dealt with Fastmail as a paying member for over a year, and as a result of my travels, I've found myself becoming increasingly reliant upon their Web-based service (while at the same time becoming disenchanted with my home-rolled, (relatively) high-maintenance, ssh-based solution involving a Linux box that runs 24/7 in my office). I'm also liking the way Fastmail has enhanced its service lately, offering a fairly straightforward method of uploading and making files available, as well as a tier of membership that includes 2 GB of mail storage without the additional "features" offered by gmail.
The conventional rules about passwords make sense, but only if you have one or two passwords to worry about. Here at JSC, for example, the rules enforced for password selection are something along the lines of: no names, dates, phone numbers, or anything that means anything to you; no words that could be found in a dictionary, and so on. Ideally, goes the policy, one's password ought to be a random collection of symbols. To help you along, the system checks to make sure that your password contains at least one lower-case letter, at least one upper-case letter, at least one number, and at least one punctuation mark. To make sure nobody can guess your password over time (this, despite the fact you get locked out if you screw up password entry three times), you are required to also change your password every 90 days, and new passwords are checked to make sure they aren't simple variations of previous passwords.
Ye gods.
I used to keep all my passwords on my Palm computing device, encrypted using a hack called ReadThis!, but primo, HackMaster does not appear to work under newer Palm OS versions, and segundo, I really don't want to have to make my Palm a permanent part of what I carry around with me. Anyone know of a reasonably secure, paper-based scheme for securing passwords that doesn't involve, like, one-time pads or having to shuffle decks of playing cards?
Cheers...
