Re: Update: Re: Password Manager opinions and recommendations

To: debian-user@lists.debian.org
Subject: Re: Update: Re: Password Manager opinions and recommendations
From: Joe <joe@jretrading.com>
Date: Tue, 27 Mar 2018 08:57:24 +0100
Message-id: <[🔎] 20180327085724.65b62937@jresid.jretrading.com>
In-reply-to: <[🔎] 201803262102.48072.rhkramer@gmail.com>
References: <[🔎] 201803251152.13825.rhkramer@gmail.com> <[🔎] 201803252154.22396.rhkramer@gmail.com> <[🔎] 26032018204655.6b29260eb923@desktop.copernicus.org.uk> <[🔎] 201803262102.48072.rhkramer@gmail.com>

On Mon, 26 Mar 2018 21:02:48 -0400
rhkramer@gmail.com wrote:

> Thanks to all who replied! 
> 
> I thought I'd summarize where I am:
> 
> I like three of the suggestions (from what I've seen / investigated
> (slightly) so far, but with some comments:
> 
>    * pass: appeals to me a lot--the one problem for me (for which I
> believe I've found the solution) is that it stores the encrypted
> password files in my /home.  I have what might be called a
> "religious" aversion to storing what I consider "real" user data
> in /home.  I've looked at the source code, and I see where $HOME is
> used to create that directory.  If I use pass, I will, at the very
> least, modify that in my own copy, but also write to the author and
> suggest that he allow a command line parameter (or config file)
> change the location of the directory.
> 
>    * I like the approach that http://masterpasswordapp.com/ takes to
> create passwords and, iiuc, recreate them each time they are needed
> rather than storing them anywhere.  I'll read up a little more on
> that.
> 
>    * I haven't spent much time on keepass--maybe in the next day or so
> 
>    * I also like the approach suggested by Abdullah Ramazanoglu (and
> the somewhat similar Diceware), but I almost didn't find the emails
> from Abdullah-- for some reason my email client did not receive
> them--I've done a search of all the local email files (on my
> computer) (including trash, which I have not emptied in the last
> several days), and I've searched the Google email spam, trash, and
> all folders.  I'll be digging into this and possibly seek help in a
> new thread.
> 

Something I haven't seen mentioned: KeePassX does a kind of poor man's
two-factor authentication, allowing the use of both a password and an
arbitrary file in its encryption. So it's possible to store the file on
your computer(s) and carry the database itself on a USB key, meaning
that if either is lost or stolen, there is a bit less urgency in
changing all of your passwords. A couple of offline backups of both, of
course, should also be kept.

-- 
Joe

Reply to:

Follow-Ups:
- Re: Update: Re: Password Manager opinions and recommendations
  - From: rhkramer@gmail.com

References:
- Password Manager opinions and recommendations
  - From: rhkramer@gmail.com
- Re: Password Manager opinions and recommendations
  - From: rhkramer@gmail.com
- Re: Password Manager opinions and recommendations
  - From: Brian <ad44@cityscape.co.uk>
- Update: Re: Password Manager opinions and recommendations
  - From: rhkramer@gmail.com

Prev by Date: Re: help identifying package for /usr/share/dict
Next by Date: Re: some questions about cfengine3
Previous by thread: Re: Update: Re: Password Manager opinions and recommendations
Next by thread: Re: Update: Re: Password Manager opinions and recommendations
Index(es):
- Date
- Thread