On Fri, Jul 19, 2013 at 12:33 PM, Tyson Sawyer <ty...@j3.org> wrote: > On Fri, Jul 19, 2013 at 12:19 PM, Peter M. Petrakis > <peter.petra...@gmail.com> wrote: > > Besides the notebook next to my computer (yup I admit it!) I'm migrating > > to this, https://www.passwordcard.org/en. > > If I understand correctly, that system would make brute force easy if > someone got their hands on a copy of the card and knew what to do with > it? ...i.e. lost wallet. >
And if you lose that paper, do you have another copy? I like having my address book in Outlook, my blackberry, my Palm, Google, a printout, etc. I can lose any one and still have a recent copy. > > With things like KeePass, the security isn't in any service. Its in > the encryption of the database file. You can optionally choose to use > a DropBox type file share/sync service. ...but the security is still > in the encryption of the file, not the security of the file share > service. > I like KeePassX on Linux and variations on Android, Windows, iOS and BlackBerry. I think WinCE and Java ME phones are covered also. > > I use KeePass and KeePassDroid with a cloud based file sync between > devices. > > And for those devices that can't do that (phones?), you at least get to carry a read only copy from a past database with you. I used to use an app on a Palm for that. If you do use a cloud servers to copy the DB everywhere, make sure you use a long enough key. There are pre made hashes for passwords up to 8 characters already out there. In formats for /etc/shadow, SAM, keypass, etc... On another note, I had my mother keep her passwords in Keepass and share the master key with me. She passed away last fall and I was able to access her accounts to preserve them.
_______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
