Drupaljohn
Thu 1 January 2009, 09:16 am GMT +0100
Ok, sick and tired of having so many usernames and paswords for the enteenth things I am registered for in the web.
Tried a free password manager program in the past but it was a lot of work too.
Is there an easier softer way to have my usernames and passwords all in one place, in alphabetical order, and possibly even enabling me to sign in to forums like these atomatically or semi automatically?
toy17s
Fri 2 January 2009, 04:50 pm GMT +0100
i think having a password manager defeats the purpose of trying to secure your accounts by using a few passwords as ti brings all your information to one place.
Nikolas
Sat 3 January 2009, 03:30 pm GMT +0100
In the past I thought to create a service for this, but later I abbandond the project because I had no time for it.
Until I find some time to create it, you can use pencil and paper :)
classylady
Thu 8 January 2009, 07:06 pm GMT +0100
i think having a password manager defeats the purpose of trying to secure your accounts by using a few passwords as ti brings all your information to one place.
Although there is some truth to this, what i would like to see is a password manager that uses strong encryption, automatic password changing reminders (ex: monthly) with an automatic password generator built-in. As one changes his/her password, you can set the program to go to every site relevant, change the passwords on each site, and you're all set!
If you write it down on a piece of paper, better to keep it on your person (secret compartment in one's wallet for example) with a text file of all written passwords encrypted on a file and stored on a flash drive can do the trick as well.
Nikolas
Fri 9 January 2009, 09:41 am GMT +0100
I was thinking another way to work around security. The user will have a central password which will be stored in SHA1 format in our database which means that we can't know the actual password of the user for our service (SHA1 is one way encryption, so even if our password manager service got hacked the hacker couldn't get anything)
Now all the passwords that the service holds for the user are encrypted, using the user's password as a key. So whenever a user logs in the password is kept in his/her session (maybe encrypted too) so it is possible to decrypt the passwords but in way that none can have access to it.
cash4trends
Mon 13 April 2009, 04:02 am GMT +0200
@Nikolas
You are right paper and pencil will be better.:)
chriscash01
Wed 15 April 2009, 11:07 am GMT +0200
i just use my memory., i keep it in mind, thats it. i dont use any program for it.,
ChiefLee
Sat 23 May 2009, 10:02 pm GMT +0200
I use KeePass.
Natalia1
Mon 25 May 2009, 03:28 pm GMT +0200
Hey Drupaljohn, I use 1password its really easy to manage and quick.
Natalia
YMC
Mon 25 May 2009, 05:07 pm GMT +0200
Wouldn't a clever malware program be able to grab the passwords when the person is viewing them?
I used to work for the government managing mainframes and was responsible for the system security. It was drilled into us to never write down passwords, even putting them in your wallet is risky. It was a practice I was still trying to maintain but the sheer volume of passwords I now manage makes it impossible to remember everything.
I now work from home and it was my mostly computer illiterate mother who suggested to write them down and keep them in a notebook. After all, who was I protecting them from? If someone breaks into the house it's highly unlikely they are going to be looking for passwords.
I also went ahead and created a notebook of all my sites, forum memberships and other net affiliations. At a glance I can see if a site is due for renewal, where it's hosted and even have a neat and tidy place to maintain keyword research lists and even new article ideas. I keep the changeable details in pencil and simply erase and replace.