The new forums will be named Coin Return (based on the most recent vote)! You can check on the status and timeline of the transition to the new forums here.
The Guiding Principles and New Rules document is now in effect.

Recommend online password repositories?

supabeastsupabeast Registered User regular
edited December 2008 in Help / Advice Forum
I’m looking for some sort of online password repository where I can collect important passwords so that I can use long random passwords without relying on a single device that could lose or be destroyed. Or would I be better to just stash an encrypted text file on one of my external servers?

supabeast on

Posts

  • BoomShakeBoomShake The Engineer Columbia, MDRegistered User regular
    edited December 2008
    I've been using this:
    SuperGenPass
    It's a bit of javascript that will take a password you give it, your master password, and generate a random string of letters and numbers based on that master password and the domain of the site you're at. It works as a bookmark, so you just bring it up on whatever site you want.

    It's really convenient for three reasons. The first is now I can have long random passwords that are different for each site. The second is that there's a moble version, so you can calculate your passwords if you're not at your home computer with the passwords saved in a browser. The third is that the passwords are not stored with anyone else or in any sort of text/database file.

    BoomShake on
  • EverywhereasignEverywhereasign Registered User regular
    edited December 2008
    All password systems have downsides.

    The downside of SuperGenPass, is that if anyone. (Say one of your friends) shoulder surfs your master password and sees that you use SGP, they now have access to all your shit, assuming they can get your usernames. But it has the advantage that anyone who doesn't know, will just see you enter a password into the field, and then hit a keyboard combo to activate the bookmarlet. It's a really good system actually.

    I use an encrypted text file on my computer for my most common passwords (about 7-8 of them), I can access this from anywhere. Once I've gained access, each password is coded so that only I know which password goes to what. An example would be "pA3F4g5tss" the pA at the beginning indicates Penny Arcade and isn't actually part of the password. My banking password could end with "BA". Because I'm only dealing with 7-8 frequently used ones it's easy to remember my "code" for each password. This is just to ensure that I can use long strings of numbers/letters/caps.

    For all the various rare ones, I use an encrypted file saved locally. It is a much clearer database, but you can only access it from my personal computer.

    So the downside of mine, is that I only have access to 7-8 passwords when I'm away from home. I have to rely on my own brain to remember my "system" and hope I don't forget that Di6 means "Digg".

    The downside of my local file is that if it is stolen/copied and cracked, it will give someone access to every single password I own.

    It really depends on how much security you need. You always have to sacrifice convenience for security.

    Everywhereasign on
    "What are you dense? Are you retarded or something? Who the hell do you think I am? I'm the goddamn Batman!"
Sign In or Register to comment.