Sick of passwords

Message

romka · #1 Post by **romka** » Wed Mar 28, 2007 8:14 pm

Guys,

am sick and tired of remembering passwords.

is there an application I can use which will integrate my fingerprint scanner with a password lookup/filler?

Primary point would be that the password file is accessible and able to be backed up. As nothing worse not remembering passwords for anything due to not typing them for a few years.

Something that would integrate with Firefox and any application would be great.

Any ideas?

thank you.

#2 Post by **jdhurst** » Wed Mar 28, 2007 8:26 pm

I use Password Corral. It is not as truly integrated as you wish, but I have hundreds of passwords in my database. I carry important related information in the comments fields. The database is in the registry encrypted, but is easily exported into an encrypted, passworded file that can be backed up. In fact, I keep synced databases on two computers. ... JDH

Temetka · #3 Post by **Temetka** » Wed Mar 28, 2007 10:37 pm

You could stop using passwords.

Go for the default "1..2..3..4" or "1..2..3..4..3..2..1" for sites/programs that require more then 4 characters.

I of course, am joking. I have about 2 dozen passwords that I use myself and have been for over 10 years. I just rotate them around in my head. They are all variations of a theme. So it's not like I am going to forget them any time soon.

Password management utilities are interesting oddities to me. So you have this app that holds all your passwords so you don't have to remember them, and to enhance security it has a password. That you forgot. It's like locking everything up, with the key inside. Great idea (I guess) but seems to be lacking on the implementation.

I long for the day when my DNA is my password. This way I am my password.

#4 Post by **jdhurst** » Thu Mar 29, 2007 5:05 am

Temetka wrote:<snip>
Password management utilities are interesting oddities to me. So you have this app that holds all your passwords so you don't have to remember them, and to enhance security it has a password. That you forgot. It's like locking everything up, with the key inside. Great idea (I guess) but seems to be lacking on the implementation.

One makes an absolute point of never forgetting three passwords:
1. The HD / Power on password to the ThinkPad.
2. The Windows userid and login password.
3. The password utility manager password.

In my case the three above are variations of each other (but secure and not the same). I just do not forget the above three.
... JDH

romka · #5 Post by **romka** » Thu Mar 29, 2007 8:08 am

I too have several passwords which I rotate

BUT

as was said - I prefer to make my fingerprint the password (or at least a hash lookup of one

)

so any more ideas?

cheers

Stargate199 · #6 Post by **Stargate199** » Thu Mar 29, 2007 9:44 am

I like the idea of using smart cards. It would be best if your government ID (driver's license, etc.) could be made into a smart card that you could use. Your ID would be your password for your computer. I have a friend in the military that his military ID also doubles as a smart card. This is truly better than any password because it is a physical item that is needed to access a computer. Mythbusters on the Discovery channel have proven that finger print readers can be easily be fooled with a photocopy of the users finger print.

teetee · #7 Post by **teetee** » Thu Mar 29, 2007 12:04 pm

On my laptop I use firefox and set the Master password. For each website I always tell the browser to remember the passwords. Once I type in the correct Master password then I don't have to type any password to access the website. Meanwhile I store my password files in a .rar password-protected file on my thumbdrive just in case I need the password on different computer or data restore someday.

pipspeak · #8 Post by **pipspeak** » Thu Mar 29, 2007 5:31 pm

It's annoying, ain't it?! It's not just the remembering of passwords but having to come up with some many new ones every time you join a new forum or such. I have to admit that I use the same password for a lot of "low security" web logons (like this site) where I have no personal information.

My current solution is to use encryption sofware to encrypt a simple text file with all my passwords in it. The advantage is that it is light software and the encryption cannot be broken because most use commercial encyption algorithms (blowfish etc.).

The two I use are Cryptainer and Truecrypt. Cryptainer has the advantage that you can take an encrypted exe file wherever you want so do not need the software installed if you need to access passwords on another machine. Truecrypt (www.truecrypt.org) is truely wonderful... extremely small file, free, open source, and has the option of some utterly bomb-proof 256-bit encryption algorithms.

k2jsv · #9 Post by **k2jsv** » Fri Mar 30, 2007 12:08 pm

I know it's not terribly secure, but I have 3 levels of passwords...

Computer login
Website logins
Banking logins

Each one has it's own unique password that is auto generated by a program someone made for me to create DES Encryption keys. Memorize and run like hell. Banking logins change monthly, or if I use a computer other than my own to log into my accounts.

k2jsv · #10 Post by **k2jsv** » Fri Mar 30, 2007 12:09 pm

pipspeak wrote:and has the option of some utterly bomb-proof 256-bit encryption algorithms.

If you are talking about AES-256 the NSA has a backdoor built into it which makes it 10 times easier to crack than DES. Thx for playing.

Pirx · #11 Post by **Pirx** » Fri Mar 30, 2007 1:08 pm

Might want to look into RoboForm. Pretty solid app, I've been using it for little over a year, couldn't be happier.

It holds all your passwords in an encrypted vault. This way you're only have to remember single complex pass in order to unlock and use the thing. It also allows auto (password) form filling on the web, which is very useful for online banking (I have very complex passwords there) and web site management.

Temetka · #12 Post by **Temetka** » Sat Mar 31, 2007 12:29 am

Stargate199 wrote:I like the idea of using smart cards. It would be best if your government ID (driver's license, etc.) could be made into a smart card that you could use. Your ID would be your password for your computer. I have a friend in the military that his military ID also doubles as a smart card. This is truly better than any password because it is a physical item that is needed to access a computer. Mythbusters on the Discovery channel have proven that finger print readers can be easily be fooled with a photocopy of the users finger print.

Yes comrade, I want too want a gov't issued smart card.

Niet.

pipspeak · #13 Post by **pipspeak** » Sat Mar 31, 2007 1:34 am

k2jsv wrote:If you are talking about AES-256 the NSA has a backdoor built into it which makes it 10 times easier to crack than DES. Thx for playing.

Heh. AES is one of the options there are others such as twofish and serpent. And, of course, 128 bit-block is only worthwhile if you have a sufficiently long pass key, like 10 random words long, which most peope don't!

Anyway, I really don't care if the NSA cracks my online banking password. After all, what the NSA wants the NSA gets these days. If it really wanted to I'm sure it could get anything information at the drop of a hat, from bank transactions to full ISP monitoring. Even if I bounced through 10 proxy servers it could probably figure out what i was typing right now.

Temetka · #14 Post by **Temetka** » Sat Mar 31, 2007 1:57 am

Only if you were doing something significant enough to attract their [unwanted and unwarranted] attention.

k2jsv · #15 Post by **k2jsv** » Sat Mar 31, 2007 12:04 pm

You have no idea how much they watch.

Temetka · #16 Post by **Temetka** » Sat Mar 31, 2007 2:29 pm

Actually I do.

However since this board is dedicated to laptops, and not gov't conspiracy theories I don't bring that up much.

Sick of passwords

Sick of passwords

Who is online