David E. Ross wrote on 4/28/2015 4:55 PM:
On 4/28/2015 11:52 AM, William wrote:
Bill Spikowski wrote:
Rick Merrill wrote:
Bill Spikowski wrote on 04/27/2015 8:46 AM:
No practical reason????????
What about seeing what one is typing when entering complex passwords?
Think especially about these situations: a lousy keyboard, like most
laptops; working in a dark area; using a touchscreen; people with
dyslexia, or poor typing skills; the visually impaired; or those
having several hundred passwords for different sites.
Oh, come: how about the wireless kbd that transmits the keycodes?
Is your office a TEMPEST design?
No idea what a TEMPEST office is.
Would never use a wireless keyboard.
I use LastPass myself, but I don't tell other people that my password
solution is the only valid one. Lots of people don't understand password
managers, or don't trust them; or are the only users of their computers,
and don't need the extra complexity.
I've been using Lastpass since someone pointed out that SeaMonkey's
password manager does not encrypt your passwords; good for looking a
forgotten one up, but not good for security. Before that I kept my
passwords in a blank field in the bookmark for the site, but typed
backward as my gesture to security.
I think lastpass keeps your passwords on your pc, but in an encrypted
form: when you need a password, their program undecrypts it, but
displays it as a series of asterisks. The problem I have is that some
enterprises that put out multiple programs (such as Intuit with Quicken
and Turbotax) have moved to having a single password for all their
programs and when you register for a second program (or often, it seems,
a new page in the program) Lastpass does not recognize the relationship
between the multiple programs, and cutting and pasting a bunch of
asterisks doesn't work. This user unfriendly scheme takes up a lot of
my time going to all the pages and entering a new password. The obvious
solution is to allow the user to see the password in unencrypted form
(you do need a password to get into Lastpass) but apparently they don't
recognize this as a problem.
SeaMonkey does indeed encrypt its saved passwords. The Password Manager
uses your master password as its encryption key, but the master password
itself is NOT saved.
But the use oa Master Password is optional.
--
Ed Mullen
http://edmullen.net/
Black holes really suck.
_______________________________________________
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey
