By jeyben
via techper.net
Published: Mar 25 2008 / 10:47
I have a rough sketch of an online password manager application in my head, but I want to hear your opinion about it beforehand. Especially about security, which I guess can be measured by letting you answer this question for me: Would you (dare) use the online password manager described here?
Comments
praveencasimir replied ago:
no way dude
rlamarch replied ago:
Reading though the comments at your site I think you have answered your own question. The gMail archiver that was emailing the author every users gMail id and password that was recently exposed was a good reality check. I use Password Safe, I see you've used KeePass. That running on a USB stick (and synched to my desktop for backup) gives me the flexibility I need and lets me sleep at night.
pulesen replied ago:
Yes you are right. I have it answered now. I would not dare myself, to use it. Not even my own coded solution.
I hadn't seen Password Safe, but took a look at it, and, given that it seems to come for Schneier (http://www.schneier.com/passsafe.html), I guess it is extra trustworthy :-)
jtheory replied ago:
Not a chance. Here's a better solution: put your password reminders on a slip of paper that you take with you when traveling. It's easy to make it cryptic enough that in the rare event that the paper gets stolen, they won't be able to figure out enough to do anything useful before you have a change to change the passwords. E.g., if my Skype password were 2b_||_!2b I could just put ky:william... anyone going to figure that out besides me? And I wouldn't even need to put the username....
I've never heard of any solution that can beat it. Even high-encryption software you'd install locally is vulnerable to a keylogger on your PC, to the distributors site being hacked (and the download being subtly changed...), etc..
Voters For This Link (7)
Voters Against This Link (5)