Password Manager - Any suggestions?
A friend has reached the limit of his memory capacity on passwords that he can remember and asked me for advice. Since I have not reached my limit, I turn to HN and ask for advice too. Operating Systems of Interest are Linux and Windows (in this order of preference).
9 comments
[ 2.7 ms ] story [ 28.2 ms ] threadThe password database that KeePass uses can be accessed from linux and windows. For Linux you'll need KeePassX.
Other pluses:
+The software is portable.
+Generates super strong passwords.
+Along with the password to access your password database, there is an option to have a "key file" required. You put this file onto something like a jump drive, making it necessary to have your password and the jump drive if you want to access the database. I have a spare keyfile on a CD in my deposit box at the bank.
----
Addendum/Protip: If you know an alternative keyboard layout like colemak or dvorak, you can easily make pretty secure passwords for, say, a login screen at work: type your password on the Qwerty layout as if it were the alternate keyboard layout.
For instance. WeakPassword on Colemak is WkanRaddw;sg on Qwerty. Then, when the desktop loads, so will your alternate layout and everything will be normal.
If paranoid, or worried about “shoulder-surfing”, the passwords could be obfuscated in some simple way. Examples: swap the first pair of digits, or swap case, or add a constant to all numbers. This would buy time if the wallet were stolen.
There are those that say passwords should never be written down, but I'm not alone on keeping them in a wallet:
http://software.silicon.com/security/0,39024655,39130618,00.... http://www.schneier.com/blog/archives/2004/12/safe_personal_...
http://keepass.info/download.html
I haven't tried installing it on a phone.