Comments on: How to choose a root password that you’ll remember

By: simpsonjulian

simpsonjulian — Fri, 03 Apr 2009 10:23:54 +0000

@ken – I did penance and wrote a new post.
@jtf – fair point – although it does remind me of the passwords that compuserve would hand out with their free floppy disks in the 90s. Maybe I was the only one to actually use those …

By: Don’t be disco, use sudo | The Build Doctor

Don’t be disco, use sudo | The Build Doctor — Thu, 02 Apr 2009 22:25:31 +0000

[...] comment from Ken Mayer on my post about root passwords: No one should ever use “root” for anything except single-user mode emergencies and initial [...]

By: Ken Mayer

Ken Mayer — Thu, 02 Apr 2009 11:29:29 +0000

I respectfully disagree with the premise.

No one should ever use “root” for anything except single-user mode emergencies and initial configuration. Make it a long string of random characters and store it in a safe or encrypted on a secure hard drive. Make it unique for every box. Then forget about it.

Use sudo instead. Leaving sudo’s arcane configuration syntax aside for the moment, using sudo means every action is logged with a real person’s name and a time stamp. Another good reason: you don’t have to change the root password if someone quits or is fired.

Use a password vault (like 1Password for the Mac — there are many others). Make every single password unique, long and as random as possible. Then make your master password really hard to guess, but easy to remember (the first letter of each word from a long sentence, FIPS standards, two random words glued together by a figure or gliph, the suggestions here). And just in case you’re run down by the Budweiser Beer Wagon one day, write it down and put it in a locked safe — to be opened when you are beyond caring.

By: Jeffrey Fredrick

Jeffrey Fredrick — Thu, 02 Apr 2009 07:26:53 +0000

That seems a bit retro, like you’ve got a limited number of characters for your password. Why not “PeetsCoffeeTea1!“?