Brett Hutley's Blog

I use Emacs and GnuPG to save my passwords to an encrypted file. I'm really happy with this, as I save the encrypted file in Dropbox, and I can decrypt it across all machines and Operating Systems, and it syncs automatically. My Emacs config looks as follows:

(setenv "GPG_AGENT_INFO" nil)
(require 'password-cache)
(require 'epa-file)
(epa-file-enable)
(setq password-cache-expiry (* 15 60))
(setq epa-file-cache-passphrase-for-symmetric-encryption t)

Continue reading “Emacs, gpg and pinentry on Mac”

It looks like my blog got hacked. I noticed that there were some weird posts related to an essay writing service, which I've now deleted. I'm not sure of the attack vector. I had a relatively weak password for my Wordpress user, which could have been the entry point. I'll have a look at the server this weekend and see what I find. At least it's prompted me to do some work on improving the security on the server and to do some software upgrades. I need to set up the letsencrypt certificates as well.

An easy way to generate a unique, memorable but secure password for each website or service you visit is to apply the following recipe:

Continue reading “Unique, Secure, Memorable Passwords”

I just read a very scary post about the dangers of using credit cards online. The author describes are disreputable companies are using sales through legitimate companies to steal your credit card information and get you to "opt-in" to payments. Although some of the technical details aren't quite right, the overall post is well worth reading.