|
cyxx posted:So how do these things work on mobile and locked down work computers? Keepass on android is easy to use: you unlock the database and select the entry you want to use. You then can use the notification drawer to copy the username or the password to the clipboard with a single click next is to paste into the appropriate field. I assume iOS is similar. The portable version of keepass will run without being installed.
|
# ? Jan 15, 2015 12:20 |
|
|
# ? Mar 28, 2024 18:18 |
|
I've been recommended Password Box by a friend, which supposedly runs an algorithm that "hasn't been cracked since 1960". I find that dubious but v-_-v I just want a good fortress to encrypt all my password in and control from a central point. Anyone knows anything about it? I haven't seen it mentioned here.
|
# ? Mar 7, 2015 04:20 |
|
StarMinstrel posted:which supposedly runs an algorithm that "hasn't been cracked since 1960" I would immediately be highly suspicious of any product that promotes its cryptography in such a meaningless and misleading pandering way. It feels like hucksterism. And someone who understands crypto would inherently know that being old doesn't mean being better.
|
# ? Mar 7, 2015 04:46 |
|
StarMinstrel posted:I've been recommended Password Box by a friend, which supposedly runs an algorithm that "hasn't been cracked since 1960". I find that dubious but v-_-v I just want a good fortress to encrypt all my password in and control from a central point. Anyone knows anything about it? I haven't seen it mentioned here. "Hasn't been cracked since 1960" could be accurately interpreted as "it was cracked in 1960." Once an algorithm is cracked, it's cracked, no?
|
# ? Mar 7, 2015 04:46 |
|
Password Box is a McAffee product (Click on Help/FAQ at the bottom of the page). That should tell you all you need to know.
|
# ? Mar 7, 2015 04:50 |
|
How is roboform for team password sharing? My company's outside IT guy is pushing it over lastpass but I don't totally trust him as a lot of his solutions seem to be based on how many billable hours they make for him.
|
# ? Mar 7, 2015 05:59 |
|
Bhodi posted:Password Box is a McAffee product (Click on Help/FAQ at the bottom of the page). Ok so it's poo poo. I'll check out the other recommendations --- Just checked out Keepass. I'm curious : It's OpenSource, meaning that everyone has access to the algorithm, right? What would someone need to do in theory to then have access to all your passwords with Keepass? It seems to me that using it would be opening myself to inviting people to have easier access to all my passwords in one place with an algorithm that's openly available. I have zero knowledge of security coding so forgive me if this is the dumbest poo poo ever I'm asking >.> Popoto fucked around with this message at 17:12 on Mar 9, 2015 |
# ? Mar 9, 2015 17:04 |
|
StarMinstrel posted:Ok so it's poo poo. I'll check out the other recommendations No. They let everyone know what the maths are, but not the numbers you put into the maths to create the encryption. This is actually more secure than hiding the maths - it means that geeks and crypto-weenies can examine the maths and a) determine how strong it is and b) point out any vulnerabilities due to poor implementation - then post the results in public.
|
# ? Mar 9, 2015 17:24 |
|
spog posted:No. Ok so basically, peer review journals. That's good. I suppose the bit about the number s you put into the maths is us choosing the passwords, right? In that case it shoot my confidence up. I suppose the other reason to really use those password manager is not just to put all your stuff in one place, but also to use their password generators to make really complicated ones since you know you won't have to remember them, thus making sure it's not brute-forcable...
|
# ? Mar 9, 2015 21:04 |
|
There's also a database settings page wherein you can tell it how many key encryption rounds to use. It defaults (on the old 1.x version I use) to 200,000 rounds, but if you click the button out to the right it will calculate how many rounds it can do on your CPU in one second. My core i7 860 at work does over five million, I can only imagine how many a current-gen processor will do in a second (or log into my home machine remotely, but whatever.) If you raise this value it'll take a little longer to open the DB on your phone, for instance, but this also adds a constant time factor to any brute force attempt.
|
# ? Mar 9, 2015 21:45 |
Another voice in the KeePass echochamber. I've been using it for probably well in excess of five years. Google Drive makes it easy to sync, and I can open it on my Android, my desktop, or my laptop. On the whole I'm very satisfied with them. My biggest irk is when I modify the password file on my laptop and I don't sync the DB file (because I'm offline or close my laptop before it can upload), then get a modification conflict in Google Drive.
|
|
# ? Mar 9, 2015 22:14 |
|
The problem with KeePass is that the Windows client is the only one that's good, and your options on other platforms range from merely acceptable (iOS, Android) to downright awful (OS X). I switched to Dashlane and have been much much happier.
|
# ? Mar 9, 2015 22:37 |
GokieKS posted:The problem with KeePass is that the Windows client is the only one that's good, and your options on other platforms range from merely acceptable (iOS, Android) to downright awful (OS X). I switched to Dashlane and have been much much happier. I've found the OSX client to be perfectly usable. Are you using KeePassX or some other version?
|
|
# ? Mar 9, 2015 22:40 |
|
Back when I used it, my options for a KeePass 2.x compatible client on OS X was a wholly incomplete alpha version of KeePassX, KeePass running via Mono which barely work, and then later KyPass Companion, which was by far the best of the trio, though that wasn't saying much and it still had a bunch of issues. Maybe it's improved enough over the last 1.5-2 years, but back then I switched away to Dashlane and was much happier.
|
# ? Mar 9, 2015 23:15 |
|
|
# ? Mar 28, 2024 18:18 |
|
That's a big thing about keepass. DO NOT USE 2.X. Only use the 1.X. 2.x was re-written in microsoft-only for some reason and isn't compatible with poo poo. 1.X is cross-platform as all hell and has all the features you really want (pagent / ssh integration, auto-type)
|
# ? Mar 13, 2015 02:41 |