On Thu, Jul 12, 2007 at 11:05:06 -0400, Roberto C. Sánchez wrote: >On Thu, Jul 12, 2007 at 12:28:33PM +0000, KLEIN Stéphane wrote: >> Hello, >> >> On my box, I use plain text to store my passwords but it isn't >> secure. What cli and/or web software can I use to store my password >> (account) in encrypted format ? What do you use ? >> >I would not go with web-based as it is far too insecure. I personally >like MyPasswordSafe, but it is Qt-based. I'm personally using KeySafe[1] (yes, shameless plug and yes I have a Debian package). Whether web-based is insecure or not depends very much on how the system is designed. Personally I consider storing a password encrypted by a master password on a server is secure enough as long as the master password never leaves my machine (which means encryption and decryption must happen locally). Implementing a pure JavaScript client would then allow me to access passwords in a browser anywhere in the world. At least if I trust the browser enough :-) /M [1]: http://therning.org/magnus/computer/keysafe -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus.therning@gmail.com http://therning.org/magnus
Attachment:
pgpmW0DKervJu.pgp
Description: PGP signature