# How do you store your passwords?

## aeris

Hi,

I've been using Password Safe on Windows for all my passwords but I want to move them over to my gentoo box. So how do I store them safely?

I was thinking about keeping them in a text file encrypted with gpg (symmetric) and to fetch the entry I want with something like the following:

```
gpg -d pw.gpg | grep "Entry"
```

As a side note is it easy for someone who knows what he/she is doing to see what I had on my clipboard after I've replaced it with something else? (I'm not using Klipper). And the same goes for my konsole after I've closed it?

/ mikael

----------

## neilhwatson

The only safe way to keep passwords is to never write them down.  Keep them in your head.  As of yet, no one can hack that   :Shocked: 

----------

## aeris

Of course, that would be the ideal solution, but I have more than 100 passwords in Password Safe for different sites, services and servers. Hard to keep in your head, don't you agree?

( Please don't tell me to use the same password for all   :Wink:  )

----------

## bsolar

 *aeris wrote:*   

> ( Please don't tell me to use the same password for all   )

 

The same, no but you might differentiate by security level and use the same password for the same security level, reducing notably the amount of strings to remember.

----------

## aeris

 *Quote:*   

> The same, no but you might differentiate by security level and use the same password for the same security level, reducing notably the amount of strings to remember.

 

I'm not in a position to change all the passwords and they are not all set by me in the first place. Someone must be in the same position? I mean if there is a market for products like Password Safe on Windows, there must exist a market on Linux considering all the servers out there.

----------

## neilhwatson

I'm going to go on a rant here (I apologize in advance).  I believe there is a market for password saving applications because the average user is so grossly ignorant of computer security that they only see passwords as an inconvenience.

How many times have you seen users write passwords on post-it notes on their monitors?  Users often share passwords with each other.  I often see users leave their computers unattended and unlocked for long periods of time.  Users often pick passwords that are ridiculously easy to crack.

You are warned against having the same password for many services yet, storing different passwords in one location defeats the purpose of having different passwords.  To retrieve all of your passwords I only need crack one.

----------

## aeris

If I ask you how to drive a car, would you tell me to ride a bike?    :Rolling Eyes: 

First of all I love passwords, I don't see them as an inconvenience. 

At my previous job the network administrator used Password Safe because he had to keep track of a bunch of passwords, so I'm not the only one.

Users who write down their passwords on post-it notes don't use applications like Password Safe, at least not among the people I know.

If I only have to remember 1 password I can select one that is almost impossible to break with brute-force.

/ mikael

----------

## neilhwatson

 *aeris wrote:*   

> Users who write down their passwords on post-it notes don't use applications like Password Safe, at least not among the people I know.

 

Yes they do.  Email clients can retain your passwords.  Web browsers can retain passwords for websites.

As for your question.  I would suggest you use GnuPG to encrypt your password text file.  Just make sure the password is very good.

----------

## Sesquipedalian

I use gringotts to store passwords as well as various other sensitive information.  It's nice, simple and flexible   :Smile: 

----------

## aeris

 *Quote:*   

> As for you question. I would suggest you use GnuPG to encrypt your password text file. Just make sure the password is very good.

 

Thank you.

 *Quote:*   

> I use gringotts to store passwords as well as various other sensitive information. It's nice, simple and flexible  

 

That looks really nice and their page answered some of my other questions aswell. Thanks   :Very Happy: 

----------

## ddsn

I have to agree w/ aeris. For many people, choosing a common password for sites/services that have the same security clearance is not an option.

Or should I go and tell all of my customers to please change their administrator passwords so it would be much easier for me to remember? No.. Why not? Because I would get fired faster than Gentoo boots...(And that is pretty quick, at least for my system)  :Very Happy: 

So, a powerful software to keep order and security amongst the passwords is most wanted for many.. 

Someone who reads this forum must at least have some experience with a good program?  

How does Admins at larger companies handle this?

----------

## ghuug

I'm using GnuPG for storing passwds. I don't have the same password for all resources I use, but each time I create a password it is something like

```
DRE(#$7RjcxSL:AWE_)$&@#,CX>;AAW
```

and so on. Which is pretty hard to keep in your head, especially when you have hundreds of those. GnuPG makes my life easier.

Mikhail.

----------

## guero61

Not linux-based, but I use STRIP on my Visor -- it's incredibly useful when we sysadmins change passwords, because then we can just beam each other the encrypted passwordset, and *boom*, it's all synced!

----------

## thewalledcity

 *mikael wrote:*   

> If I only have to remember 1 password I can select one that is almost impossible to break with brute-force.

 

By definition brute-force means trying *every* combination until it is broken.  You cannot pick a password that cannot be brute-forced.  You *can* pick a password that will take some time, but if the length of the password is known that drastically reduces the amount of time needed to break it.

----------

## aeris

 *Quote:*   

> By definition brute-force means trying *every* combination until it is broken. You cannot pick a password that cannot be brute-forced. You *can* pick a password that will take some time, but if the length of the password is known that drastically reduces the amount of time needed to break it.

 

Almost impossible, almost.. not impossible. Did you really think that post was necessary?

/ mikael

----------

## ebrostig

I agree with aeris that there is a need for applications like he asked about.

There are a lot of systems that cannot even use the same password: restrictions on length, contents, mix of numbers and letters and special characters, etc.

Plus the fact that some people need to have access to passwords used by several. How about this:

You are in charge of the IT department of a small to medium sized business. The sysadmin with the root password got killed in a car accident. How do you get into the server to change it? By having a central repository for system passwords in an organization you can ensure that the systems are accessible and that your business continues to run without a hitch even if some key personnel is no longer with you.

Yes, aeris, a very valid question IMHO.

(Oh and let us know what you find and you experience with it)

Erik

----------

## johnk73

Figaro's password manager also works well; there's no ebuild and it requires GNOME libraries.

----------

## Hypnos

 *johnk73 wrote:*   

> Figaro's password manager also works well, theres no ebuild and it requires gnome libraries.

 

I have written an ebuild, here:

https://bugs.gentoo.org/show_bug.cgi?id=18684

I have been using FPM for ages -- it is a mature, functional piece of software.  Unfortunately, it is a GNOME1 app, so it presents some minor annoyances in my GNOME2 environment (not the least of which is that it looks rather ugly).   Development seems to have stalled, and I did not get replies to the one or two emails I sent to the author.

I will give Gringotts a try.

----------

## burmashave

 *guero61 wrote:*   

> Not linux-based, but I use STRIP on my Visor -- it's incredibly useful when we sysadmins change passwords, because then we can just beam each other the encrypted passwordset, and *boom*, it's all synced!

 

The good thing about using a tool on a Palm is that it adds a level of physical security if the Palm data is not kept on a networked device.

To my way of thinking, if the password you use for the password manager is harder to crack than any other password, then security is not compromised to the degree it would be otherwise.  It is true that cracking the pw manager password provides all passwords; however, to do so, a cracker would need to crack the hardest password.

----------

## sessionID

 *aeris wrote:*   

> Hi,
> 
> I've been using Password Safe on Windows for all my passwords but I want to move them over to my gentoo box. So how do I store them safely?
> 
> 

 

Don't listen to all this hype  :Wink:  :Wink: 

Use gpasman or kpasman (in portage), or the already mentioned gringotts (<= really good!)

----------

## Hypnos

I have submitted an ebuild for gpasman-1.9.2 (pre-2.x, uses GTK2):

https://bugs.gentoo.org/show_bug.cgi?id=26600

----------

## To

 *bsolar wrote:*   

> The same, no but you might differentiate by security level and use the same password for the same security level, reducing notably the amount of strings to remember.

 

That's what I do.

Tó

----------

## Cluster

One of my concerns is trusting my passwords to a proprietary (non-text) format -- if one of these password safes chooses to screw up at an inopportune time, my passwords might be lost.  So instead:

For 99% of protected content, I use a homegrown utility to generate a random password based on the site's requirements (no symbols, alphanumeric only, numbers only, etc.), and I keep those passwords (about 150 so far) in a plain text file which I keep encrypted using asymmetric encryption through GnuPG.

On my personal workstation, I decrypt the file to a tab in Gnome Terminal, and then just leave this tab open until a reboot.  This keeps the file secure at all times, and the passwords are only cached in RAM.  The way I see it, if someone broke into my apartment, broke into my room, then knew my screen saver password (which is not in any file), then they must be me.

Furthermore, because I use asymmetric encryption for this file, only my workstation (and another copy of the encryption key which I keep physically locked up) can decrypt the file.  I've been using this system for about two years now, and have peace of mind.
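Cluster's homegrown generator is not shown. The following is an added example of the same idea, written for this page and not Cluster's utility: a POSIX shell generator that draws from /dev/urandom, restricts the alphabet to what the site allows (letters, digits, symbols in any combination) and guarantees each required class appears, by rejecting and redrawing candidates rather than forcing a digit into a fixed position (which would bias the result). The `pw_entropy` helper puts a number on the brute-force exchange earlier in the thread: for a uniformly random password the attacker's search space is `size^length`, whether or not the length is known in advance. Function names, the symbol set and the class letters are this example's own choices.

```shell
#!/bin/sh
# Added example: generate a random password that satisfies a site's
# composition rule, using /dev/urandom as the entropy source.
#   pw_gen LENGTH CLASSES
# CLASSES is any combination of the letters l (lowercase), u (uppercase),
# d (digits) and s (symbols); only those classes are used, and each named
# class is guaranteed to appear at least once. Candidates that miss a
# required class are discarded and redrawn (rejection sampling), which keeps
# the output uniform over the allowed strings.

PW_SYMBOLS='!#$%&*+,./:;=?@^_~'   # no quotes, backslash or '-' so tr and shells stay happy

pw_gen() {
    pw_len="$1"; pw_classes="$2"; pw_alpha=''
    case "$pw_classes" in *l*) pw_alpha="${pw_alpha}a-z" ;; esac
    case "$pw_classes" in *u*) pw_alpha="${pw_alpha}A-Z" ;; esac
    case "$pw_classes" in *d*) pw_alpha="${pw_alpha}0-9" ;; esac
    case "$pw_classes" in *s*) pw_alpha="${pw_alpha}${PW_SYMBOLS}" ;; esac
    [ -n "$pw_alpha" ] && [ "$pw_len" -gt 0 ] 2>/dev/null || return 1

    while :; do
        # tr keeps only bytes from the alphabet; head stops after LENGTH of them
        pw=$(LC_ALL=C tr -dc "$pw_alpha" </dev/urandom | head -c "$pw_len")
        case "$pw_classes" in *l*) printf '%s' "$pw" | LC_ALL=C grep -q '[a-z]' || continue ;; esac
        case "$pw_classes" in *u*) printf '%s' "$pw" | LC_ALL=C grep -q '[A-Z]' || continue ;; esac
        case "$pw_classes" in *d*) printf '%s' "$pw" | LC_ALL=C grep -q '[0-9]' || continue ;; esac
        case "$pw_classes" in *s*) printf '%s' "$pw" | LC_ALL=C grep -q '[^A-Za-z0-9]' || continue ;; esac
        printf '%s\n' "$pw"
        return 0
    done
}

# pw_entropy LENGTH ALPHABET_SIZE : bits of entropy of a uniformly random
# password, i.e. log2(size^length) rounded down. This is the size of the
# search a brute-force attacker who knows the length and alphabet faces.
pw_entropy() {
    awk -v n="$1" -v k="$2" 'BEGIN { printf "%d\n", int(n * log(k) / log(2)) }'
}
```

Typical use: `pw_gen 20 luds` for a site that accepts everything, `pw_gen 8 d` for a numeric-only PIN. Sixteen characters over the full 94-character printable ASCII set gives 104 bits, far beyond what a brute-force search reaches even with the length known; the weak point then is the storage of the password, not the password itself.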

----------

## Dlareh

I use a three-part password.  Part is based on the year I started using the service, part is based on an extremely simple mental hash of the service's name, and the other part is based on a standard set of symbols for the /type/ of service (I have about 10 different ones of those).

It's a very convenient system -- different, strong passwords for everything and very easy to keep track of without writing them down or storing them anywhere.

----------

## Chris W

I use Password Gorilla.  I keep Linux and Windows binaries (no install required), along with the encrypted password file on a USB flash drive.  While there are some questionable claims on the website (e.g. "It is not possible to break into a password database without knowing the master password.") this does a reasonable job of ensuring privacy.

----------

## neilhwatson

Having given this some thought over the past few months I do now see a use for password management.  As was mentioned, it is better to not rely on a specific application.  Generic, yet strong, file encryption is the best method. Personally, I would not recommend Gpg.  That requires a key file.  What happens if that key file is lost?  Keep it simple in case you ever need these passwords in an emergency.

Better to go with encrypting via a passphrase only.  Perhaps using ssl to encrypt the file would be best.  One would have to be careful how this is done.  We do not want the decrypted file to ever reside on the hard drive.

----------

## bludger

 *neilhwatson wrote:*   

> Personally, I would not recommend Gpg.  That requires a key file.  What happens if that key file is lost?  Keep it simple in case you ever need these passwords in an emergency.

 

Gpg does not require a key file if you use the --symmetric option.  

Here is a little script that I use to edit my password file:

```
#! /bin/bash
# Edit a symmetrically encrypted password file in place.
# Usage: pwedit.sh pw.gpg
FILENAME="$1"

read -r -s -p "Enter gpg Password:" PWORD
echo

# Scratch copy; note this lives in /tmp, i.e. on disk unless /tmp is tmpfs.
TMPFILE="/tmp/.tmpfile-${PPID}-$$"
BACKUPFNAMES="${TMPFILE}~*"

umask 077
rm -rf "${TMPFILE}" >/dev/null 2>&1

# --batch is required for --passphrase-fd on GnuPG 2.x, and --pinentry-mode loopback
# on 2.1+ (drop the latter on 1.x). Abort on a bad passphrase instead of
# re-encrypting an empty scratch file over the real one.
printf '%s' "$PWORD" | gpg --batch --pinentry-mode loopback --decrypt --passphrase-fd 0 "$FILENAME" >"$TMPFILE" \
    || { rm -f "$TMPFILE"; echo "decrypt failed" >&2; exit 1; }

vi "$TMPFILE"

# --yes lets gpg overwrite the existing encrypted file.
printf '%s' "$PWORD" | gpg --batch --yes --pinentry-mode loopback --symmetric --passphrase-fd 0 --cipher-algo=aes256 -o "$FILENAME" "$TMPFILE"

rm -rf ${BACKUPFNAMES} "${TMPFILE}" >/dev/null 2>&1
```

-----------------------------------------

The script to read the password file is even simpler:

```
#! /bin/bash
# Show a symmetrically encrypted password file; plaintext goes to less, not to disk.
FILENAME="$1"
read -r -s -p "Enter gpg Password:" PWORD
echo
printf '%s' "$PWORD" | gpg --batch --pinentry-mode loopback --decrypt --passphrase-fd 0 "$FILENAME" | less
```

------------------------------------------

Password Gorilla, however, looks pretty interesting.  I have long been looking for something that runs on Windows or Linux and that runs standalone so that I can keep it on a memory stick and run it from someone else's Windows machine.  Pity it is Blowfish rather than AES-256, although Blowfish is probably still pretty strong AFAIK.

----------

## MrUlterior

 *aeris wrote:*   

> Hi,
> 
> ..
> 
> ```
> ...

 

I use pretty much this solution, with the exception that I don't store the file (pw.gpg) on any of my PCs -- I keep it on a 1GB SD card along with a win32 build of GnuPG, my pubring.gpg & secring.gpg + a small C app I wrote to generate lists of random passwords.

The SD card goes where I go; in my smartphone. I can easily select an individual password from the decrypted file & beam it via IR to a PC should I need to (the passwords are very long random strings so typing them is not my preference). In this fashion even should I transfer a single password to a compromised PC, only that particular password is compromised and not my entire list.

In some of the companies I work for however security or old-tech prevents beaming, for that reason I also have a small (3cm long) USB SD reader that travels in my wallet for such purposes. If old tech prevents even USB, finally I resort to typing the buggers in.

I dislike the idea of storing even crypted passwords on a static PC, it could be compromised in my absence + a keylogger would potentially compromise ALL passwords. With the SD card solution in order to compromise my security you'd need to compromise me, in which case my passwords are probably the least of my concerns ...

Ideally what I'd like is a "IR beam to clipboard" application!

----------

## Shadus

 *aeris wrote:*   

> Of course, that would be the ideal solution, but i have more than 100 passwords in Password Safe for different sites, services and servers. Hard to keep in your head don't you agree?
> 
> ( Please don't tell me to use the same password for all   )

 

The same password everywhere is "Very BAD"(tm) however, there are good solutions.  For example, key'd passwords.

BasePW:  -0823|..!

Slashdot: -0823|st!

Gentoo: -0823|go!

Obruo: -0823|oo!

Anyone getting a single password isn't going to get the rest, this is especially useful if teamed with "security level" passwords...

whocares -0823|..!

private #49Ab!..

secure etc etc etc

Further combining with abbreviations for phrases makes it easy to remember AND secure...

whocares js,CR.. is ... (juniper sucks, Cisco Rules) Site Specific

private .n1sabaB!. is ... Site Specific (no one smells as bad as Bob!) Site Specific

secure etcetcetc

Lot of great ways to remember passwords *easily* and still never have to write them down even if you have quite literally hundreds of passwords.  My memory limit is about 10 "complex" passwords, which I remember as security levels+key'd+abbreviated phrases... which lets me have unique passwords for each site, but only have to actually "remember" 10 passwords.  I cycle through changing them about one every other week.

----------

## neilhwatson

 *bludger wrote:*   

> 
> 
> ```
> 
> ...
> ...

 

Interesting.  The only flaw I see is that you decrypted the file to a hard disk.  Now a copy resides there even after you erase it.  Perhaps you could use bcwipe or some other utility to clean the file from the drive.  The ideal solution would be to decrypt the file to RAM.  Good info on Gpg. I did not know you could encrypt without a key file.

----------

## MrUlterior

 *Shadus wrote:*   

> The same password everywhere is "Very BAD"(tm) however, there are good solutions.  For example, key'd passwords.

 

Sorry, but I think your idea is only slightly better than the same password: equipped with a single password (or preferably at least two of your passwords), someone of malicious intent with a little determination potentially has them all ...

This is security via obscurity

Heck writing them all down on a bit of paper in your wallet is a MUUUCH better solution; at least then you can pick strong unique passwords for everything. Additionally you don't take into account assigned passwords over which you have no control, I know at least a fifth of mine are of this nature.

----------

## Shadus

 *MrUlterior wrote:*   

> Heck writing them all down on a bit of paper in your wallet is a MUUUCH better solution; at least then you can pick strong unique passwords for everything. Additionally you don't take into account assigned passwords over which you have no control, I know at least a fifth of mine are of this nature.

 

I disagree for a multitude of reasons, but you're welcome to your opinion.

You know, a wallet is the second to last place I'd store a password.  Just what I want, someone who robs me to not only have all my personal information, credit card information, etc... but also to have passwords for various things.  If you can't remember it without writing it down it's worthless.

As for assigned passwords... I've never had a single one... so it's never been a concern for me.

----------

## MrUlterior

 *Shadus wrote:*   

> I disagree for a multitude of reasons, but you're welcome to your opinion.
> 
> You know, a wallet is the second to last place I'd store a password.  Just what I want, someone who robs me to not only have all my personal information, credit card information, etc... but also to have passwords for various things.  If you can't remember it without writing it down it's worthless.
> ...

 

Someone who stole your wallet probably did it for your money & credit cards, I doubt he cares about access to your pr0n sites, nor about using your account(s) to make fraudulent purchases seeing as he/she already has your credit cards ...

However someone that stole one of your passwords via some method of compromising your account; is obviously intent on just that.

Besides, the physical compromise for the purpose of getting your passwords is already so dire that I'd suggest you're screwed in any event; heck, someone willing to consider the physical option is obviously targeting you specifically & is probably likely to use much more desperate measures to get what he/she wants. 

Anyways I think your final comment separates our points of view; if you've no assigned passwords you probably don't use ebanking or any applications requiring special security provisions, so I can see that's not your concern. I have to use applications whose passwords & keys change (in some cases on each use); the application securely transmits via a separate means one or more authentication elements. For example, for ebanking I've a device that generates one-time passwords on receiving a key + an assigned input from the application.

----------

## Shadus

 *MrUlterior wrote:*   

> Anyways I think your final comment separates our points of view; if you've no assigned passwords you probably don't use ebanking or any applications require special security provisions, so I can see that's not your concern. I've to use applications who's passwords & keys change (in some cases on each use), the application securely transmits via a separate means one or more authentication elements. For example, for ebanking I've a device that generates one time passwords on recieving a key + an assigned input from the application.

 

I do use ebanking.  I change my passwords more frequently than they require; perhaps the US is different than where you work.  I work in systems administration, mostly security, in the United States in the medical field, and the restrictions I deal with are getting tighter and tighter by the year (due to HIPAA, which is a good thing). So I'm quite versed in security at both the computer level and the network level.

I've been doing ebanking for about 8 years... 3 different banks, and I've never had an assigned password.  So long as the password meets the criteria, they've always let me choose and change my passwords at will (so long as it didn't pass the 60/90 days they require... and all passwords i use change every 60-90 days... my bank passwords are closer to every 3-4 weeks.)

Generally I don't assume someone would mug me for passwords, however a lot of criminals (here at least) are opportunistic; the individual may have done it for credit cards/money/whatever but they wouldn't hesitate to sell them to someone else with the technical expertise to abuse the passwords for a few extra dollars.

As far as getting passwords for my pr0n sites and such, shrug who cares.  Those passwords are the furthest from my areas of concern.  If I were carrying passwords I'd be more concerned with my bank account passwords, root/enable/administrator passwords, etc.  A website login for something that isn't confidential and secure is a joke.  I suppose you could rot13 the passwords you carry, but I still say carrying a password is nearly as bad as sticking it under your keyboard.  Memorize them or it's a waste of time.  

Combining security levels, key'd passwords, memorizing them, and strong passwords is about as good as it gets unless you have a photographic memory.  If you write them down or store them on an electronic device you're fooling yourself into feeling secure.

The sad thing is, most people use the same password everywhere.  Their dog, their grandkid, their parents, their birthday, their phone number, a favorite sports team, etc... when I did a security audit at an ISP I worked for I found 800 joes or reverse joes in 10k accounts.  Picked out 3000 passwords in under 20m... with a 100 line dictionary and a few basic rules.  I could get into most of their bank accounts to this day with the same password with a capital letter at the front and a 0-9 char at the end.

Not saying you're wrong, just saying in my experience it's not the way things work.

----------

## joaander

I use revelation. ebuild available at bugs.gentoo.org. And, it stores the passwords in an encrypted text file, so with a few lines of python code (available at the revelation website), you can access your passwords if the revelation GUI explodes.

----------

## MrUlterior

 *Shadus wrote:*   

> I do use ebanking.  I change my passwords more frequently than they require, perhaps the us is different than where you work.
> ...

 

You're kidding? E-banking with only password protection? How on earth does that protect you from phishing or the various MITM attacks? Here ebanking is required by banking law to have two-part authentication: either via a preprinted sheet of one-time passwords or the device I described earlier.

----------

## neilhwatson

If you want to keep the decrypted file in RAM, you can create a RAM drive like this:

```
mount -t tmpfs -o size=64k tmpfs /ram
```

More permanently in /etc/fstab (untested):

```
# ram drive
tmpfs   /ram    tmpfs   size=64k    0 0
```

Having read /usr/src/linux/Documentation/filesystems/tmpfs.txt I see that tmpfs can also be part of swap and thus on the hard drive.

Would it be better to use ramfs?

```
# ramfs needs no block device and silently ignores size=; its pages are
# never swapped out, but nothing stops it from growing until RAM is exhausted
mount -t ramfs ramfs /ram
```

and in /etc/fstab (untested):

```
ramfs    /ram    ramfs  defaults 0 0
```

----------

## neilhwatson

BTW, you can do similar encrypting using openssl instead of Gpg:

```
nwatson@valetta ~/tmp $ openssl enc -aes256 -in secret -out secret.en
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
nwatson@valetta ~/tmp $ ls -l secret*
-rw-r--r--  1 nwatson users 44 Aug 25 08:12 secret
-rw-r--r--  1 nwatson users 64 Aug 25 10:31 secret.en
nwatson@valetta ~/tmp $ openssl enc -d -aes256 -in secret.en
enter aes-256-cbc decryption password:
This is a secret
site    user    password
```
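A worked version of this openssl approach, added here as an example and not part of neilhwatson's post or any project's code. It differs from the session above in three ways a practitioner would want: the key is derived with PBKDF2 (`-pbkdf2 -iter`; the bare `openssl enc -aes256` form derives the key with a single MD5 pass over the passphrase, which OpenSSL 1.1.1 and later warn about as deprecated), the passphrase reaches openssl on stdin rather than on the command line, and the plaintext only ever goes to a pipe, which is also the answer to aeris's original `gpg -d pw.gpg | grep` question and to the objection above about the edit script leaving a decrypted copy in /tmp. It assumes OpenSSL 1.1.1 or later, the tab-separated `site user password` layout shown in the session, and xclip for the optional clipboard helper; the function names and the `PW_PASS` variable are this example's own.

```shell
#!/bin/sh
# Added example: symmetric password file with openssl enc and PBKDF2.
# Assumes OpenSSL >= 1.1.1 (-pbkdf2/-iter) and a tab-separated layout:
#   site<TAB>user<TAB>password
# The passphrase is taken from the shell variable PW_PASS, which the caller
# sets without exporting it, so it never appears on a command line or in
# the environment of child processes; openssl reads it via -pass stdin.

PW_ITER=200000   # PBKDF2 iteration count; raise until a decrypt takes ~0.5 s

# pw_encrypt PLAINTEXT_FILE ENCRYPTED_FILE
# Random salt + PBKDF2-HMAC-SHA256 derive key and IV; the output is the usual
# "Salted__" container, so plain openssl on any machine can read it back.
pw_encrypt() {
    printf '%s\n' "$PW_PASS" |
        openssl enc -aes-256-cbc -salt -pbkdf2 -iter "$PW_ITER" -md sha256 \
            -pass stdin -in "$1" -out "$2"
}

# pw_decrypt ENCRYPTED_FILE
# Plaintext goes to stdout only; nothing is written to disk or a temp file.
pw_decrypt() {
    printf '%s\n' "$PW_PASS" |
        openssl enc -d -aes-256-cbc -pbkdf2 -iter "$PW_ITER" -md sha256 \
            -pass stdin -in "$1"
}

# pw_lookup ENCRYPTED_FILE SITE
# Print only the password field of the matching entry; exit 1 if absent.
pw_lookup() {
    pw_decrypt "$1" | awk -v site="$2" '
        BEGIN { FS = "\t" }
        $1 == site { print $3; found = 1 }
        END { exit !found }'
}

# pw_clip ENCRYPTED_FILE SITE
# Put one password on the X clipboard and overwrite it after 15 s. Assumes
# xclip; clipboard-history tools such as Klipper will still keep a copy.
pw_clip() {
    pw_lookup "$1" "$2" | tr -d '\n' | xclip -selection clipboard || return 1
    ( sleep 15; printf '' | xclip -selection clipboard ) &
}
```

The initial plaintext has to exist once for `pw_encrypt`; create it on tmpfs or wipe it afterwards, and from then on only the encrypted file touches disk. Set `PW_PASS` with `read -s` (or `stty -echo; read`) in the calling shell rather than on a command line, and remember that the plaintext still lives in the pipe buffer and in the terminal scrollback once printed, which is why `pw_lookup` prints a single field rather than the whole file.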

----------

## yakapiece

I think this is a very good topic, most users take for granted some of the strengths of Linux.  What has really stuck in my mind was the argument between storing the passwords in a program or in a wallet.  The wallet is in some ways the better choice: if it were stolen at least you would know and have time to react, but then again, almost all forms of identification go with it as well as contact numbers.  So what if your wallet could have a strong password?  That would mean someone would have to literally brute-force it while it's in their hand.  Brute force is a fear because with more processing power more passwords can be tried, but if you take the computer aspect out of it, it's a long road.  About a year ago I had asked this question but I wanted a physical unit to store it on.  One that had no form of transmitting; no offense, but storing on a Palm or a cell phone is more insecure than just a Linux box, at least in my opinion.

So say a unit like the following might be worthwhile

http://www.thinkgeek.com/gadgets/security/7573/  A bit expensive, but are there any other code banks like this on the market?

I think this is a compromise on all topics in this thread, I can't say I remember what encryption algorithms it uses, but it does offer the wallet campaign some security.  I also agree the best kept secrets are in your head, but I make the mistake of using old account numbers or derivatives of, as new passwords, It would be nice to have an autogenerating device, maybe even with a reminder to change.

----------

## neilhwatson

 *yakapiece wrote:*   

> So say a unit like the follow might be worthwhile
> 
> http://www.thinkgeek.com/gadgets/security/7573/  A bit expensive, but are there any other code banks like this on the market?

 

Interesting device.  However, it seems that this would suffer from vendor lock in.  Can I backup the contents in case the unit is lost or damaged?

----------

## Ph0eniX

 *aeris wrote:*   

> Of course, that would be the ideal solution, but i have more than 100 passwords in Password Safe for different sites, services and servers. Hard to keep in your head don't you agree?
> 
> ( Please don't tell me to use the same password for all   )

 

Do you really need that many passwords? ...I use the same one for message boards and other light stuff.  Then a few different ones for banking, home network, etc... - 10 to 15 total perhaps - I've never had the need for a utility like Password Safe and I doubt that I ever will.  I wouldn't trust an app like that to be secure enough anyway.  Just my $.02

----------

## Ph0eniX

 *bsolar wrote:*   

>  *aeris wrote:*   ( Please don't tell me to use the same password for all   ) 
> 
> The same, no but you might differentiate by security level and use the same password for the same security level, reducing notably the amount of strings to remember.

 

Precisely!

----------

## yakapiece

 *neilhwatson wrote:*   

> Interesting device.  However, it seems that this would suffer from vendor lock in.  Can I backup the contents in case the unit is lost or damaged?

 

I agree that it would need to be backed up.  If you consider that, it would be introducing a scenario where someone could get a copy of "the data" (whatever format it is in) and hack away.  The reason why keeping passwords in your head is safe is because essentially its realtime.  Backing up your brain would be using a Password Safe program or even a sticky note.  An intermediate device, although proprietary like your brain, could be trusted and ease the thought process of making a new password and then reminding yourself to change.

I'm not sure how I feel about it, a <$100 device would be worth a try.

Myself, I use the same technique of memorizing password levels, categorizing passwords into those levels.  If I forget I have 3-5 to choose from.  Of course all my forums have the same password, my email accounts are similar, my bank accounts sadly are harder, but similar to each other.  Similar to me can be obscure to another person though because its about patterns.

----------

## neilhwatson

After much debate and testing, I've come up with a solution for encrypting passwords and remote backups.  If you see any flaws in this method, please let me know.

----------

## think4urs11

neat little program for this:

CPM; ebuild via https://bugs.gentoo.org/show_bug.cgi?id=93675

It is the successor of app-misc/pms

----------

## adgriffi

Here is a ruby script for password management:

http://dev.gentoo.org/~agriffis/userpass/

I don't think there's an ebuild for it, but I'm sure one could be created rather easily.

----------

## yakapiece

Still on the same topic as this, but I am still looking for a means to securely store my passwords.  I think there have been many methods mentioned, however, none that are truly practical.  I would still like a small device (watch size) maybe with embedded Linux or something that could do password generation and storage.

Reviving this thread if anyone has found anything...

Thanks

actually, when I say practical I forgot to mention that I left my notebook at home today, if I had more faith in my cell phone its the only device that goes EVERYWHERE

----------

## Tazok

I use kedpm from portage.

----------

## khuongdp

I am using phpchain http://sourceforge.net/projects/phpchain

It's a Web-based password database. Data is encrypted and stored in a database.

----------

## nielchiano

 *Cluster wrote:*   

> This keeps the file secure at all times, and the passwords are only cached in RAM.

 

just a note: your passwords MIGHT be swapped out to disk, so be careful about that assumption!

Of course, if you have an encrypted swap, that solves the problem

----------

## frozenJim

 *Chris W wrote:*   

> I use Password Gorilla.  I keep Linux and Windows binaries (no install required), along with the encrypted password file on a USB flash drive.

 

I have been looking for a solution that fits my needs for a couple of years now.  Chris W hit the nail right on the head here.

WHERE did you get your windows and linux binaries of password gorilla?  I'm just at the stage where if it isn't in Portage then it is hopeless.

------------------

edit:

Oh... I see.  There IS NO installation required.  I have downloaded the binaries from the link Chris provided to my usb key and presume that it will run just fine in Windows.  Now my only problem is how to run a tcl app in linux.  

If I can figure out how to command-line my tcl (which is apparently emerged already) then this should be perfect.

----------

## sokai

To use the password file you created with Password Gorilla or MyPasswordSafe under the Linux console, you can try pwsafe.

So I handle my passwords under Windows, Linux and the Linux-console across our net with a lot of Workstations and Servers.

----------

## Simius

Well, I have put some thought into this password device idea...

However, I'm not entirely sure that it would be the most practical - and safe - method.

What do we need?

- portability

- security

- reliability

The keypair encryption is maybe the best method in terms of security, so let's start out from here.

Having the private key on the very same unit the encrypted file is on - a workstation connected to the Internet -, defeats most of the security overhead keypair encryption offers. This setup can be called fair when we encrypt for transmission, but not for storage.

So I think we should have the private key in two copies - a paper hardcopy (honestly, I don't trust CDROMs enough to call them a hardcopy) and on a USB flash drive. Sure this can be stolen, but then again, your front door keys can be stolen too. And if it IS stolen, you do the same thing you would in the case of the front door keys - change the lock. That is, take the hardcopy, key it in, issue cancellation certs to all your communication partners, and re-encrypt any stored data with a new key.

(To defeat even the slight chance that the key might be stolen when it is in use on a computer, one could create a small computer that does all the encrypting, decrypting and signing via USB, and has different ports for uploading the key and for standard data traffic. This way, the key can only be stolen in a physical manner. Maybe there's already something like this on the market.)

The encrypted password file could even be kept on the Web, so you can access it from anywhere, and you could take the private key on the USB flash drive with you in your wallet...

----------

## nielchiano

 *Simius wrote:*   

> (To defeat even the slight chance that the key might be stolen when it is in use on a computer, one could create a small computer that does all the encrypting, decrypting and signing via USB, and has different ports for uploading the key and for standard data traffic. This way, the key can only be stolen in a physical manner. Maybe there's already something like this on the market.)

 

Yep, it's called "smartcard", you probably have one under the name "credit card" or something similar.

 *Simius wrote:*   

> The encrypted password file could even be kept on the Web, so you can access it from anywhere, and you could take the private key on the USB flash drive with you in your wallet...

 

This won't help against an installed keylogger that takes screenshots every 2 seconds. They'll know where you store your keyfile, AND all passwords that were on the screen...

----------

## tgh

In general, if the box is rooted or otherwise untrusted, you shouldn't use it for secure operations.

...

I go for the KISS principle with password storage.  A GPG/PGP public key pair with a good, longish passphrase.  I then encrypt the contents of individual text files, one per website / service.  Easy to back up, I can encrypt certain passwords with multiple keys, and I can print out the ASCII armored text blocks to paper (or send them to a g-mail account, or hide them in the corner of a web/ftp site...).

The problem then becomes how to keep the secret key and the passphrase private, which is easier to do than keeping a few hundred account files secure.

----------

## frozenJim

 *tgh wrote:*   

> I go for the KISS principle with password storage. A GPG/PGP public key pair with a good, longish passphrase. I then encrypt the contents of individual text files, one per website / service. Easy to back up, I can encrypt certain passwords with multiple keys, and I can print out the ASCII armored text blocks to paper (or send them to a g-mail account, or hide them in the corner of a web/ftp site...). 

 

Great idea!

I've gotten Password Gorilla working for me now, and I'll keep using it for the time being, but I like your idea too.

The Password Gorilla install problem was simple, you don't install it.  You just "use" it.  I keep my Windows binary, my TCL binary, my Password Gorilla binary and my password file on a usb key.  When I need a password, I simply use the correct binary for the OS in use on that particular machine.  It's simple.   

The way I set it up for Gentoo is easy enough for anyone to make a package (can someone do so?)  I copy the binaries to the right location and simply make an icon in a menu to access them.    I copy the Gorilla files and tclkit to /opt/gorilla, then I make a symlink to tclkit in /usr/bin.  Then, for simplicity, I create a bash script called "gorilla" that does the work for me:

```
james@thorn ~ $ cat /usr/bin/gorilla
#!/bin/bash
# launch the Password Gorilla starkit with the tclkit runtime
tclkit /opt/gorilla/gorilla-1.3.kit
```

It's brainless, portable and secure enough for my needs.  The benefit being that my passwords are stored neatly in an intuitive hierarchy that makes it possible to keep thousands of passwords at my fingertips.

----------

## Aurisor

I have a piece of paper I keep in my wallet.  I figure if I lose my wallet I'm going to have to get new driver's license and credit card, so the hassle of changing all my passwords isn't that bad in comparison.

----------

## frozenJim

 *ishan wrote:*   

> I have a piece of paper I keep in my wallet. I figure if I lose my wallet I'm going to have to get new driver's license and credit card, so the hassle of changing all my passwords isn't that bad in comparison.

 

Well, my luddite friend, that only works for a few passwords that do not change - I have hundreds that change frequently.  Also, I am not comfortable with a wallet-thief possessing the many passwords of my clients.  Losing the driver's license would be insignificant by comparison.  What a disaster THAT would be!  Also, forgetting the router password for a client would be embarrassing at least.

So my requirement includes bulk, changeability, accessibility, security, portability and backup.  It's really a tall order and I'm pleased to have found a tool that handles it.

But your point is good - it really depends on what you need.

----------

## figueroa

 *aeris wrote:*   

> I was thinking about keeping them in a text file encrypted with gpg (symmetric) and to fetch the entry I want with something like the following:
> ...

 

After looking at all these posts and trying some of the software, I really do like the simplicity of this approach.  After all, there are several layers of security a hacker has to go through just to get into my network and onto my system, and then find the well hidden file that contains my passwords.  So I'm thinking this might be good enough.  What think you all now?

----------

## nielchiano

```
gpg -d pw.gpg | grep "Entry"
```

 *figueroa wrote:*   

> After looking at all these posts and trying some of the software, I really do like the simplicity of this approach.  After all, there are several layers of security a hacker has to go through just to get into my network and onto my system, and then find the well hidden file that contains my passwords.  So I'm thinking this might be good enough.  What think you all now?

 

That this restricts you in at least 3 ways:

* only 1 line per entry is allowed; which might be impractical to store AND a BIOS password, AND the GRUB password AND the root password AND your user password

* you can't (easily) browse the list of entries

* It's not an "offline" viewer: an infected computer can screenshot/keylog your session and at least know that ENTRY's password, maybe all of them

But as you say... the simplicity is wonderful
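An added example (my own shell, not code from any poster) of how the `gpg -d pw.gpg | grep` idea can keep its simplicity while allowing multi-line entries and a browsable list, which are the first two restrictions nielchiano raises above. It assumes a constructed file layout: entries separated by a blank line, the entry name on the first line, free-form fields (BIOS, GRUB, root, ...) on the following lines; the decrypted text is only ever piped, never written to disk.

```shell
#!/bin/bash
# Added example, not from the thread. Layout assumed (constructed):
#
#   <entry name>
#   <field>: <value>      (as many lines as you like)
#   <blank line>          (separates entries)
#
# awk's paragraph mode (RS="") reads one blank-line-separated record at a
# time, so an entry may span several lines instead of exactly one.

# pw_list: read decrypted text on stdin, print only the entry names
# (first line of each record), i.e. a browsable index with no secrets.
pw_list() {
    awk 'BEGIN { RS = ""; FS = "\n" } { print $1 }'
}

# pw_show NAME: read decrypted text on stdin, print the whole record whose
# first line equals NAME (case-insensitive); exit 1 if there is no such entry.
pw_show() {
    awk -v want="$1" '
        BEGIN { RS = ""; FS = "\n" }
        tolower($1) == tolower(want) { print; found = 1 }
        END { exit !found }'
}

# pw list | pw show NAME: decrypt the symmetric gpg file and pipe it through
# the helpers. PWFILE is a hypothetical variable; default path is an assumption.
pw() {
    local file="${PWFILE:-$HOME/pw.gpg}"
    case "$1" in
        list) gpg -q -d "$file" | pw_list ;;
        show) gpg -q -d "$file" | pw_show "$2" ;;
        *)    echo "usage: pw list | pw show NAME" >&2; return 2 ;;
    esac
}
```

Piping `pw show NAME` through `less` still puts a screenful of plaintext on the terminal, so the third point (keyloggers and screenshots on an infected machine) is unchanged.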

----------

## figueroa

 *nielchiano wrote:*   

> That this restricts you in at least 3 ways:
> 
> only 1 line per entry is allowed; which might be impractical to store AND a BIOS password, AND the GRUB password AND the root password AND your user password
> ...

 

Generally concur, but I can also pipe through more or less which gives me a nice browsing capability.

----------

## nielchiano

 *figueroa wrote:*   

> Generally concur, but I can also pipe through more or less which gives me a nice browsing capability.

 

which would change item 3 to:

 *nielchiano wrote:*   

> * It's not an "offline" viewer: an infected computer can screenshot/keylog your session and at least know a screenful of passwords

 

----------

## elpeor

I found a nice app that just takes fpm database:

```
admin/kedpm
      Latest version available: 0.4.0-r1
      Latest version installed: 0.4.0-r1
      Size of files: 60 kB
      Homepage:      http://kedpm.sourceforge.net/
      Description:   Ked Password Manager helps to manage large amounts of passwords and related information
      License:       GPL-2
```

----------

## djdunn

I keep my passwords on a piece of paper on my desk; the chicken scratch I write with is better than any encryption...

----------

## quag7

I used to carry a paper in my wallet that had what appeared to be notes from a college literature class.  Each two bullet points had a hint which would help me remember a password.  If stolen, it would look like a bunch of literature notes.

For example, I had a password which was !z00ey451 as:

* In what ways did the Glass family embody Salinger's Buddhist beliefs or principles?

* For what reason are Salinger's books commonly subjected to censorship?

The first question = Glass Family = Zooey Glass from J.D. Salinger's Franny & Zooey 

The second question = censorship = book burning = Heinlein's Fahrenheit 451

Now of course I had to be vaguely familiar with the passwords I chose.  These would simply help me to remember them and pair together numbers and names.

I don't have that paper anymore, but I was able to store almost 30 passwords via this method.  There was no way of telling that the paper was anything other than a list of assignments or notes.  I forget how I tied the passwords to specific systems or resources, but I was able to, through encoding that into the bullet points.

All passwords had a set of rules which applied universally to add additional characters in - like if the password begins with a letter, then it would have an exclamation point at the front...or something along those lines.

This sounds complicated but it worked for me for about 5 years.

There are probably lots of ways of encoding meaning into something that looks like a grocery or "to do" list - or even graphically.

----------

## nielchiano

quag7's method looks nice... but I don't think it's practical for random passwords... since that would require too many bullets per passwd.

Also: losing your wallet/paper ruins your passwd database...

----------

