Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

KeePass


  • Please log in to reply
16 replies to this topic

#16 DaveyCS

DaveyCS
  • Topic Starter

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Local time:06:01 AM

Posted 08 May 2009 - 04:35 PM

Well I have 360 3.0V now. I'm just wanting to see how it does.. I will try that with pass words. I have some were in the neighbor hood of 30. I have about 80 written down. They stay with me.
Wife got ticked, So I put some in so she could go to her sites. I want to do away with their pass word protection. I want to use a generator. I do have one that use the same pass word but scrambles it for ever site. I don't know about that yet. The name is Pass word Scrambler. Ever hear of it???
I do have that unchecked. So I can see, what happens now.
What I meant in PM is about the way I feel !!! My line of work it can get to you....

I will check out the pass words this week end because I'm suppose to be off????? :thumbsup: :flowers: :trumpet:

Thank You Again.

"Thank You Very Much".........

Davey Crockett Sr

BC AdBot (Login to Remove)

 


#17 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:01 AM

Posted 09 May 2009 - 09:48 AM

Hey Davey, sorry for the delay--we had a big oak tree fall over in the community cemetery and getting it cleaned up and made into firewood is taking up my time and making me tired and sore.

Is this the Password Scrambler program you are referring to?
http://www.onepassword.com/

If so I don't think very much of it. Mainly because it makes it sound like it can do something that it can't and is impossible if you think about it. You can scramble a password on your end, but how is the person (or server in this case) supposed to know what the password is if you don't register it beforehand? All that program is is a password manager that doubles as a form filler, much like RoboForm. I believe I commented on those earlier somewhere. This one seems to be more secure than RoboForm but many aren't and automating logins can cause more problems than doing it manually. Websites have to fight against automatic logins of spammers and other security concerns, so they won't always work and in these cases a "manual" login is quicker anyway.

I also think it leads to confusion on how password managers work. Password Scrambler's main selling point is that, instead of having the same password on many sites, you can have different ones but you only have to remember one password. That is basically what any password manager will do. The most secure passwords are long random ones--one or two of these you might be able to remember. But when you have more than that, all random, it is impossible to remember unless you are some kind of savant like Rain Man. So one aspect of a password manager is a memory aid. It lists your passwords in an encrypted file that can only be decrypted by the one master password.

It sounds to me like they are calling their password generator a scrambler. Don't confuse the two. All a generator is is a method of coming up with a random password. Once you get that, and enter it as your password when you register at whatever site, you have a secure password. Password Scrambler remembers these passwords and has them stored somewhere, and will attempt to fill in the password when you visit the site. If you store the random password in a "manual" PM like KeePass, you have to copy over the information in the forms to log in--also after entering the master password. So it's the same thing. You're entering a unique password for each site after entering a master password--it just takes a few seconds longer with a "manual" PM like KeePass. Nice thing about KeePass is you can use drag and drop so it makes it even easier than others.

In the Password Scrambler FAQ they recommend that you never copy to clipboard, implying that their way is more secure. However, KeePass, and other good PM's clear the clipboard of your password after certain number of seconds--I think mine is set at 10.

I mentioned earlier that KeePass has its own password generator but implied it may not be so easy to use. Actually it generates a random password automatically when you create a new "record". How to set the characteristics of the random password is what is not so easy to find. To get to those setting go to Tools, Password Generator.

Well, time to go cut some more. Look KeePass over and decide if you really want it or a form filler or not. I think you can do more and more securely with KeePass. One other thing is you can make a database file just for your wife and the passwords she uses--with it's own master password. Also KeePass isn't dependent of your browser running, so you can store any kind of sensitive information in a relatively secure way.

Will post back as soon as I can.

The thing about people

is they change

when they walk away.--Mipso





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users