[ale] password management

J.M. Taylor jtaylor at onlinea.com
Wed Jul 23 12:00:37 EDT 2003


I always kept one copy in a firesafe somewhere, er, safe, just in case the
Run Over By A Bus thing were to happen.

I never got the chance to do the keychain thing, but I would think that
using PGP/GPG to encrypt a file with your passwords, and storing that on a
keychain USB drive would be pretty cool, as long as you trusted the
machines you were using to decrypt said file.  It *seems* safer than
writing it down on a piece of paper and stuffing the paper into my wallet
to get washed, etc, but would be interested to hear flaws in that idea. 
It also seems safer than the palm, just because pdas are easier to leave
lying about than something stuck on your keychain (at least, for me).  I
also have no idea how the keychain USB drives work with Linux....

Re Jonathan's mnemonics...couldn't I then use your hostname in a
customized brute-force attack?  Or is the length and complexity of the
password enough to foil that kind of thing?

jenn

> On Wed, Jul 23, 2003 at 10:45:31AM -0400, Christopher Bergeron wrote:
>> Does anyone have any good tips on how to manage passwords?  I did a
>> quick tally today of how many passwords we need to keep track of and I
>>  stopped at the 100 mark.  We use passwords for different boxes,
>> vendor  services (T1 management websites, etc)., client files (pgp),
>> client  websites, phone systems, jetdirect boxes, all-in-one copiers,
>> email  clients, routers, vpns, etc...  I'd like to implement LDAP
>> here, but I  can't convince management to let me spend time on it
>> (just to make my  life easier).
>>
>> Sooo....
>>
>> What I was wondering is if anyone has any tips on how they keep track
>> of  many UID/signon/passwords.  I've seen keychains, etc, but I'm sure
>> I  want to key about 100 passwords into a little keychain.


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list