To "kick it up a notch" (bam!) I have borrowed from a suggestion on one of the security mailing lists:
I have a password manager program (can't remember the name right now... it is for reference only, in case I get hit by a bus or get amnesia) but I keep two copies of the database on USB Memory Sticks. One copy is attached to my keys, which are janitor-chained to my belt, and another copy is in the vault with rest of the critical info. Glenn Sullivan, MCSE+I MCDBA David Clark Company Inc. -----Original Message----- From: Adam Shephard [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 08, 2002 5:47 PM To: 'Jonas V.'; [EMAIL PROTECTED] Subject: RE: Security of Password-Managers Jonas, I've only read a bit about Oubilette in the past but it sounded like the encryption provided there was not bad-Blowfish, if I remember correctly. However, anytime anybody can get to all your passwords by cracking one of them you lose a certain amount of security. Basically, you have to balance what you want to protect against how much work you need to do to protect it. If it's something that should be highly secure, I wouldn't use a password manager at all. By the way, your English is fine. Considering that you are 12 and you have some basic knowledge of the concepts of password security and there are many English-speaking, network-managing adults who aren't even aware that you shouldn't install IIS if you don't need to serve web pages, you can speak any way you want! Adam -----Original Message----- From: Jonas V. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 07, 2002 11:37 AM To: [EMAIL PROTECTED] Subject: Security of Password-Managers Hello!! I want to use a password-manager like "Oubliette". Is this very insecure? I can choose a very hard master-password with more than 96 bits lenght. What encryption-algorithm and key-lenght use a program like this? Thanks for everything! Jonas Vondran <[EMAIL PROTECTED]> Please don't laugh about my english! I'm german and 12 years old.
