On Sun, Nov 27, 2011 at 4:59 AM, Olivier BATARD <obat...@gmail.com> wrote:
Envoyé de mon iPhone > > Le 26 nov. 2011 à 18:43, Stephen Allen <marathon.duran...@gmail.com> a > écrit : > > > On Fri, Nov 25, 2011 at 04:21:52PM -0700, Bob Proulx wrote: > >> Olivier BATARD wrote: > >>> I'm just interested on how, after googling for a long time, on a > >>> debian, can we manage users's passwords. I mean how can we manage a > >>> password database on a web php site for example ? > >>> > >>> How do you manage your user's passwords database ? > >> > >> You have asked a very confusing question. It will ask different > >> questions to different people. > > > > Agreed. > > Ok my question is about how to manage user's password I mean how to > store user's password and let them access like keepass but web ? > > > > >> You asked specifically about a php web site. Every php web site that > >> has user logins that I have ever worked with has always had its own > >> unique password database with its own unique fields. This means that > >> each php web site needs to manage its own passwords through the > >> provided php web interface. Or you could access the database directly > >> such as through the command line or through phpmyadmin. > > > > Perhaps the OP means something like Keepass or LastPass which manages > user passwords in > > a web browser environment? > > Exactly. > > > > > I use LastPass which works fine on GNU/Linux and Google-Chrome and/or > Chromium. > > > > Anyone knows an offline tool like lastpass ? LastPass is online and KeePass is offline. Honestly, I would trust KeePass over LastPass. KeePass is opensource, freely available for multiple OS's and is actively maintained. LastPass is a commercial business, they offer a free and premium service, just remember that if they go all premium, you might have to pay to get your data back from them.[1] I'm a bit paranoid, but I go to great lengths to secure my KeePass DB. I have an sD card with a TrueCrypt volume on it, inside that lives KeePass in portable mode, with it's database. Which is also encrypted. [1] The reason I point this out is when they bought XMarks recently, they entertained the idea among the XMarks users about a premium only service, I know the friends that I have gotten to use XMarks and I voted no. XMarks essentially remained the same, but that can change at any time. > -- > Chris Brennan > A: Yes. > >Q: Are you sure? > >>A: Because it reverses the logical flow of conversation. > >>>Q: Why is top posting frowned upon? > http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ > GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ------------------------------------------------------------------------