by udoprog 5473 days ago
I currently store all my passwords in a KeePass[0] database distributed using SpiderOak[1] (hassling, but only once for each device).

  [0] http://www.keepassx.org/
  [1] https://spideroak.com/
All my services have gotten 50 char (nice entropy) random passwords, and for ease of use I store them in the browser with an equally difficult master password.

My Fx settings involve flushing all cache and sessions on closing.

Apparently when setting the Fx master password, the local database appears to be using 3DES encryption in CBC mode[0] (nice and slow) which is insanely secure with long and keys. The only password I have to remember is the KeePass database, which in turn is as complicated as I can remember. Then, when booting up Firefox, just paste the master password.

  [0] http://luxsci.com/blog/master-password-encryption-in-firefox-and-thunderbird.html
Funny enough, the SpiderOak distribution password is saved in the KeePass db, giving me a sort of chicken-or-egg problem when setting up. I'm toying with the idea of distributing the database publicly, which should be secure enough.

This means that the only password that is stored in my head is for the KeePass db, but I'm planning on replacing it with a key file (perhaps on USB), once I've figured out a usable scheme for it.

I'm just dying for the day when web services can be integrated into a proper keychain, that would spell an end to this bull.

1 comments

I haven't heard of SpiderOak before, but from their site, it sounds like you create the equivalent of a private key on each device you use, so that your data is encrypted on the machine itself and never visible/readable by the SpiderOak servers (roughly). Is this correct?

How easy do you find SpiderOak to use otherwise?

I gave SpiderOak a shot but had to give up quickly because their OS X client was an unmitigated disaster.

It may be possible to ignore the horrible UI once it's set up, but I couldn't ignore that it randomly decided to stop syncing individual files or entire folders.

On the second day I even set it up from scratch again, as I figured I might have done something wrong the first time. But on day 3 my laptop and desktop were desynced again, so I went back to unison...

http://www.spideroak.com is nice, but unfortunately they started to implement some file sharing features, so they stopped offering true client-side encryption as well. At least they are way more secure than Dropbox. Another one: https://secure.cloudsafe.com/