[Chester LUG] Password manager
David Holden
dh at iucr.org
Wed Jul 18 17:39:24 UTC 2012
Hi Les gave it a try - very nice. But I'd be more likely to use it as an
extension. The "online" version may be running locally (javascript?) but
I think a user would be more confident he wasn't sharing his account
password and key if it was an extension.
Still the java app would be very worthwhile for sysadmins to share for
their daily password needs.
Cheers,
Dave.
On 18/07/12 12:51, Les Pritchard wrote:
> Hi Mike,
>
> Thanks for your thoughts. My problem was creating (or rather
> remembering) a new unique pass phrase for each site. If you use some
> form of pattern, once one is found an attacker would have more
> information to attempt access to others I own. Using a hardware device
> like the Yubikey is a nice idea and works well. Personally I wanted
> something that would work on any system without the need for carrying
> around additional hardware and would work on all smartphones.
>
> Obviously it's all about finding a solution that works for you. You seem
> to have it cracked with a nice solution. This app was something to solve
> my own need and hopefully it will help some others too.
>
> Thanks for looking
>
> Les
>
> On 18 July 2012 12:30, Michael Crilly <mrcrilly at gmail.com
> <mailto:mrcrilly at gmail.com>> wrote:
>
> I'll give it a try at some point, Les. Personally I use a pass
> phrase in my head (different ones for each service), combined with a
> static string that my Yubikey outputs. Two factor authentication
> with a physical aspect seems to be the best solution in my opinion.
>
> - MTC
>
> On 17 Jul 2012, at 13:49, Les Pritchard <les.pritchard at gmail.com
> <mailto:les.pritchard at gmail.com>> wrote:
>
> > Hi all,
> >
> > I mentioned at the last LUG meet that I've been working on a small
> > password manager app, well it's now available and it would be great if
> > some of you could take a look and try it out. The big difference
> > between this and the common 'password safe' type system is that this
> > tool never saves any passwords, so there's no central location to be
> > attacked or lost. It works by creating repeatable passwords for each
> > set of variables (your common password, pin and the name of the
> > account). Take a look at the website for more information about the
> > app and to download a copy - www.passeto.com <http://www.passeto.com>.
> >
> > There's a desktop app (Linux version of course!) and an online version
> > for when you're on the move. I'm going to add some more features in
> > the near future and hopefully produce a mobile app.
> >
> > Please take a look and email directly if you have any questions,
> > feedback or feature requests! It's not Open Source (yet) but is free
> > for all.
> >
> > Thanks
> >
> > Les
> >
> > _______________________________________________
> > Chester mailing list
> > Chester at mailman.lug.org.uk <mailto:Chester at mailman.lug.org.uk>
> > https://mailman.lug.org.uk/mailman/listinfo/chester
>
> _______________________________________________
> Chester mailing list
> Chester at mailman.lug.org.uk <mailto:Chester at mailman.lug.org.uk>
> https://mailman.lug.org.uk/mailman/listinfo/chester
>
>
>
>
> _______________________________________________
> Chester mailing list
> Chester at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/chester
>
--
Dr David Holden. (dh at iucr.org)
More information about the Chester
mailing list