Keeping passwords safe
Passwords are a pain.
Personally I keep track of dozens, from network signons to admin
accounts to websites. Even a razor-sharp brain won't cut it, and mine
definitely has a few dull edges. Instead, I rely on Password Safe.Password Safe is an open source project that allows users to keep all their passwords in one place, securely encrypted with a single safe combination. It uses the Twofish cipher and was created in part by security maven Bruce Schneier.
Of course the whole thing falls apart if you encrypt the database with a stupid password like "ELVIS". Forget password, think passphrase, the more memorable but more obtuse, the better. And please, please don't come up with a clever passphrase and then stick it to the monitor with a Post-It note!
Password Safe is primarily Windows based but you'll find a host of related projects for a wide variety of operating systems here. And the Windows version works fine with Wine -- all except for the virtual keyboard, which I never use anyway!
Comments
oscar: Check it out!
http://www.schneier.com/twofish.html
Posted by: Geoff | November 13, 2009 9:07 AM
this Twofish cipher algoritm is secure?
Posted by: oscar | November 12, 2009 10:17 PM
Personally I use Keypass portable.
It's open source licence free and does not require installing thus runs from a USB thumbdrive.
The Database is easiy to back up - just copy and paste and restore made the same way.
It uses double encryption and supports passphrase as well as generating passwords for you if required.
PLEASE, do not copy and paste passwords: all the ungodly need to do in your absense is paste whatever you have copied into a new document and they will have your password.
Posted by: MikeP | August 11, 2009 1:14 PM