Weblog entry #3 for yaarg

See all weblog entries made by yaarg.

XML logo

#3
password safe software?
Posted by yaarg on Mon 15 May 2006 at 16:53
Tags: none.
Does anyone use 'password safe' software and care to make a recommendation?

I figured it's about time I got serious about online security and started using different passwords for every site I use and to additionally keep track of every site I sign up for in the first place. I know this feature is available within in Firefox but I'd prefer a standlone and more robust solution (can use it for keeping things like ssh login details too).

Cheers,

James
[ 7 Comments | Add Comment | XML logo ]
<<< Previous Next >>>

 

Comments on this Entry

#1
Re: password safe software?
Posted by eric (82.255.xx.xx) on Mon 15 May 2006 at 18:59
[ Send Message | View Weblogs ]
I use revelation (http://freshmeat.net/projects/revelation/) which is a password manager for Gnome. I think it's secure because it use an AES encrypted file, but haven't study the code to check it.
It works pretty good, and now i can't live without... because now i use a really different password for each need (website, forum, IM, database, login, etc....), but still don't use it for my principals shell logins (home, work, firewall). The only problem is when i'm not at home on a win$ computer, i can't open my file... so bad :-(

:eric:
http://blog.sietch-tabr.com

[ Parent | Reply to this comment ]

#2
Re: password safe software?
Posted by Steve (82.41.xx.xx) on Mon 15 May 2006 at 19:53
[ Send Message | View Steve's Scratchpad | View Weblogs ]

I use the command line tool pwsafe. It will copy passwords and usernames into the X clipboard if you want it to, which can be handy.

Basic usage is:

# add an entry
pwsafe --add

List all entrise:

$ pwsafe --list
websites.advogato.org
websites.advogato2.org
websites.skx.livejournal.com
websites.slashdot.org
...

Listing a username + password to the console:

$ pwsafe --list -up -E advogato.org
Going to print login and password to stdout
username for websites.advogato.org: skx
password for websites.advogato.org: xxxxxx

Without the "-E" it will paste the username into your clipboard, then once pasted the password.

Pros: In debian, backport available on my site or elsewhere, and simple. The only file it touches is ~/.pwsafe.dat. It will also generate passwords for you.

Cons: No GUI, though there is an Emacs mode. Not portable to windows. Minimal interface.

I was vaguely thinking of writing about it properly here soon, but I've been busy..

Steve

[ Parent | Reply to this comment ]

#3
Re: password safe software?
Posted by yaarg (62.49.xx.xx) on Tue 16 May 2006 at 10:16
[ Send Message | View Weblogs ]
Yeah I like the sound of that program. A curses interface might be a bit nicer with convenient key bindings though for slightly quicker and easier usage. adds project to list

[ Parent | Reply to this comment ]

#4
Re: password safe software?
Posted by Anonymous (80.137.xx.xx) on Tue 16 May 2006 at 21:10
I use "MyPasswordSafe". Nice QT-Interface, copies Passwords to Clipboard, easy to use. Uses Blowfish to encode Files.
And for extra security, I keep the password-file on an encrypted USB-Stick, so I may take it with me...

[ Parent | Reply to this comment ]

#5
Re: password safe software?
Posted by Anonymous (212.202.xx.xx) on Thu 18 May 2006 at 09:59
To be honest, the best solution is to build upon wide-spread and well tested encryption technology, which also have a certain amount of tools available, and not just libraries. Considering that, I can recommend using GnuPG - The GNU Privacy Guard.

Use a simple text file or any other file format of your choosing and encrypt it using gpg. Personally I use a normal ascii file, and I give it the file extension .gpg so I can use vim with its GnuPG plugin:
http://www.vim.org/scripts/script.php?script_id=661

-paul

[ Parent | Reply to this comment ]

#6
Re: password safe software?
Posted by Nik_Doof (62.24.xx.xx) on Fri 19 May 2006 at 18:19
[ Send Message | View Weblogs ]
I use Password Safe (http://passwordsafe.sourceforge.net/), available for Win32 and Java. Quick and gets the job done, with some added Blowfish jiggerypokery.

-- Andrew Williams

[ Parent | Reply to this comment ]

#7
Re: password safe software?
Posted by tobbe (85.228.xx.xx) on Mon 22 May 2006 at 07:01
[ Send Message ]
I use KeePass. http://keepass.sourceforge.net/
It is originally a Windows Application but it has been ported to Linux, MacOSX and PocketPC. I still have to use Windows and have a PocketPC so it is very convinient for me to have a password database that I always have easy access to regardless what operating system I use.


[ Parent | Reply to this comment ]

User Login

Username:

Password:

[ Advanced Login ]

Register Account

Quick Site Search