where to store your passwords ?

For everything that's not in any way related to PureBasic. General chat etc...
Little John
Addict
Addict
Posts: 4519
Joined: Thu Jun 07, 2007 3:25 pm
Location: Berlin, Germany

Re: where to store your passwords ?

Post by Little John »

Regardless what way you choose, there is always a weak point. Some methods are less weak than some others, though.

I'm using the portable version of KeePass Professional (free and open source). The database that contains my passwords is encrypted and protected by its own password. That means, I have to remeber only this one passwort.
One copy of the program and my database is at home on the hard drive of my PC, another copy is on a USB pen drive which I always take with me when I'm going to work etc.

It's possible -- but very unlikely -- that I'd lose that USB pen drive. In that case I still have the copy on my PC. And if someone finds the pen drive, s/he could not easily read my passwords, because they are stored in an encrypted database.
PB
PureBasic Expert
PureBasic Expert
Posts: 7581
Joined: Fri Apr 25, 2003 5:24 pm

Re: where to store your passwords ?

Post by PB »

> it's necessary to remember a bunch of rules

Not so. You can use one rule if you want.

> You're always reading sequentially in one of eight directions

Nope, you don't get it. Nothing is sequential if you don't want
it to be. You can make all your passwords zig-zagged, or in a
spiral, etc. I already explained all this. Plus, the password can
be from 1 to X chars long. Where did you pull 8 from? You're
totally not getting it. :)

> A dictionary created from the card containing less than 10k
> entries would contain all your passwords

Again, you're not grasping its concept properly. That single
card is capable of storing over 48,000 passwords if we used
just its first line ALONE. And that's just using left-right as
the direction on the first line. And there's 9 lines, so that
comes to over 432,000 passwords using left-right with all
lines. Now, add up-down, zig-zag, whirls, and the number
of possible passwords more than MILLIONS.

> Regardless what way you choose, there is always a weak point

Weak points apply to technical limitations, not your brain.
Of course, a weak point with your brain would be the old
rubber-hose cryptanalysis technique. ;)
I compile using 5.31 (x86) on Win 7 Ultimate (64-bit).
"PureBasic won't be object oriented, period" - Fred.
User avatar
Kuron
Addict
Addict
Posts: 1626
Joined: Sat Oct 17, 2009 10:51 pm
Location: Pacific Northwest

Re: where to store your passwords ?

Post by Kuron »

PB wrote:... would be the old
rubber-hose cryptanalysis technique. ;)
Beat somebody with a rubber hose until they tell you their password?
Best wishes to the PB community. Thank you for the memories. ♥️
BorisTheOld
Enthusiast
Enthusiast
Posts: 542
Joined: Tue Apr 24, 2012 5:08 pm
Location: Ontario, Canada

Re: where to store your passwords ?

Post by BorisTheOld »

PB wrote:> it's necessary to remember a bunch of rules

Not so. You can use one rule if you want.
I was thinking in terms of having to remember the reference point, direction, and number of characters, for each online account. Plus one needs to carry the key card, in real or virtual form.

It seems like a lot of trouble to go to when it would be just as easy to remember the passwords.

A true story:

I once installed one of my packages with a temporary password, and explained to the customer that he would need to use the password to change the preferences. I told him that the password was "secret", but he could change it via the preferences screen. He nodded and said, "Ok". About five years later he phoned me and asked if I could change the preferences when I was next in the building. I reminded him that he had the password and could do it himself. He responded, "No I can't -- you told me the password was secret".
For ten years Caesar ruled with an iron hand, then with a wooden foot, and finally with a piece of string.
~ Spike Milligan
Zach
Addict
Addict
Posts: 1654
Joined: Sun Dec 12, 2010 12:36 am
Location: Somewhere in the midwest
Contact:

Re: where to store your passwords ?

Post by Zach »

I recently started using LastPass
Image
Little John
Addict
Addict
Posts: 4519
Joined: Thu Jun 07, 2007 3:25 pm
Location: Berlin, Germany

Re: where to store your passwords ?

Post by Little John »

PB wrote:> Regardless what way you choose, there is always a weak point

Weak points apply to technical limitations, not your brain.
Oh, e.g. forgetfulness does not exist? So what's all the fuss about?
Then just remember your dozens of passwords, and you are done.
PB
PureBasic Expert
PureBasic Expert
Posts: 7581
Joined: Fri Apr 25, 2003 5:24 pm

Re: where to store your passwords ?

Post by PB »

> Beat somebody with a rubber hose until they tell you their password?

Yep. https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis
I compile using 5.31 (x86) on Win 7 Ultimate (64-bit).
"PureBasic won't be object oriented, period" - Fred.
User avatar
electrochrisso
Addict
Addict
Posts: 980
Joined: Mon May 14, 2007 2:13 am
Location: Darling River

Re: where to store your passwords ?

Post by electrochrisso »

PB wrote:> Beat somebody with a rubber hose until they tell you their password?

Yep. https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis
:| :) :lol:
PureBasic! Purely one of the best 8)
coco2
Enthusiast
Enthusiast
Posts: 368
Joined: Mon Nov 25, 2013 5:38 am
Location: Australia

Re: where to store your passwords ?

Post by coco2 »

Double or triple encrypted passwords seem fine to me. For example serpent encrypted inside AES encrypted.
jack
Addict
Addict
Posts: 1336
Joined: Fri Apr 25, 2003 11:10 pm

Re: where to store your passwords ?

Post by jack »

use a password generator, you have a long phrase that you know well and can't forget as your seed that you use to generate unique passwords for different forums or other sites.
PB
PureBasic Expert
PureBasic Expert
Posts: 7581
Joined: Fri Apr 25, 2003 5:24 pm

Re: where to store your passwords ?

Post by PB »

> forgetfulness does not exist?

I was referring to weak points in the context of others
getting your password from you. With a file, it can be
hacked. Your brain can't.
I compile using 5.31 (x86) on Win 7 Ultimate (64-bit).
"PureBasic won't be object oriented, period" - Fred.
IdeasVacuum
Always Here
Always Here
Posts: 6425
Joined: Fri Oct 23, 2009 2:33 am
Location: Wales, UK
Contact:

Re: where to store your passwords ?

Post by IdeasVacuum »

Your brain can't.
. Hang on PB, you already referenced Wikipedia to show that it can be hacked :D
A well encrypted file is a very difficult animal to hack, almost impossible. Most hackers are not going to have the hardware/time/patience - and they don't need to, since they have a list of millions of potential victims free-of-charge from Sony etc. Any sign that your file is well guarded and I think most hackers will just move on to the next Joe.
IdeasVacuum
If it sounds simple, you have not grasped the complexity.
Little John
Addict
Addict
Posts: 4519
Joined: Thu Jun 07, 2007 3:25 pm
Location: Berlin, Germany

Re: where to store your passwords ?

Post by Little John »

PB wrote:> forgetfulness does not exist?

I was referring to weak points in the context of others
getting your password from you.
You did not write that in your regarding reply. You answered in a general sense to a sentence of mine, which was about weak points of password usage and management in general. Others getting your password from you is only one aspect of the whole story.
Last edited by Little John on Tue Jun 10, 2014 12:59 pm, edited 1 time in total.
rsts
Addict
Addict
Posts: 2736
Joined: Wed Aug 24, 2005 8:39 am
Location: Southwest OH - USA

Re: where to store your passwords ?

Post by rsts »

For all practical purposes, an aes encrypted file is unhackable.
User avatar
Danilo
Addict
Addict
Posts: 3037
Joined: Sat Apr 26, 2003 8:26 am
Location: Planet Earth

Re: where to store your passwords ?

Post by Danilo »

PB wrote:With a file, it can be hacked. Your brain can't.
For future prospects, watch the 2013 movie: Elysium ;)
Post Reply