Password Manager - Any suggestions?
3 points by adamo 6041 days ago
A friend has reached the limit of his memory capacity on passwords that he can remember and asked me for advice. Since I have not reached my limit, I turn to HN and ask for advice too. Operating Systems of Interest are Linux and Windows (in this order of preference).
6 comments

KeePass is what I use.

The password database that KeePass uses can be accessed from Linux and Windows. For Linux you'll need KeePassX.

Other pluses:

+The software is portable.

+Generates super strong passwords.

+Along with the password to access your password database, there is an option to have a "key file" required. You put this file onto something like a jump drive, making it necessary to have your password and the jump drive if you want to access the database. I have a spare keyfile on a CD in my deposit box at the bank.

----

Addendum/Protip: If you know an alternative keyboard layout like Colemak or Dvorak, you can easily make pretty secure passwords for, say, a login screen at work: type your password on the Qwerty layout as if it were the alternate keyboard layout.

For instance, WeakPassword on Colemak is WkanRaddw;sg on Qwerty. Then, when the desktop loads, so will your alternate layout and everything will be normal.
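
The layout trick in the comment above is a fixed key-for-key mapping between two layouts. The following is an added example, not part of the original comment: it reproduces the WeakPassword case and shows the mapping run in both directions. The function names are hypothetical and the layout strings assume the standard US QWERTY and Colemak letter rows.

```python
# Added example (not from the thread). Letter rows of the US QWERTY and
# Colemak layouts, key position by key position: unshifted rows first, then
# shifted. Digits sit on the same keys in both layouts and are left out.
QWERTY = "qwertyuiop" "asdfghjkl;" "zxcvbnm" "QWERTYUIOP" "ASDFGHJKL:" "ZXCVBNM"
COLEMAK = "qwfpgjluy;" "arstdhneio" "zxcvbkm" "QWFPGJLUY:" "ARSTDHNEIO" "ZXCVBKM"

_TO_QWERTY = str.maketrans(COLEMAK, QWERTY)
_TO_COLEMAK = str.maketrans(QWERTY, COLEMAK)


def typed_on_qwerty(memorized: str) -> str:
    """Characters a QWERTY login screen receives when the user presses the
    keys where `memorized` lives on Colemak."""
    return memorized.translate(_TO_QWERTY)


def typed_on_colemak(stored: str) -> str:
    """Inverse: characters the same key presses produce once the session
    has switched to Colemak."""
    return stored.translate(_TO_COLEMAK)


def unmoved_letters() -> str:
    """Lowercase letters that sit on the same key in both layouts and so
    pass through the mapping unchanged."""
    same = (q for q, c in zip(QWERTY, COLEMAK) if q == c and q.islower())
    return "".join(sorted(same))


if __name__ == "__main__":
    stored = typed_on_qwerty("WeakPassword")
    print(stored)                    # what the login screen stores
    print(typed_on_colemak(stored))  # what the user believes they typed
    print(unmoved_letters())         # keys the two layouts share
```
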

KeePassX is also available on OS X.
Hey! That's really cool.
I've been using KeePass for several months and love it. The only thing lacking at this point is a suitable version for iPhone. While there is an app, it has a long way to go. I heard that the BlackBerry version is great. I use the same database across OS X and Windows machines.

http://keepass.info/download.html

You can also export your database from the Windows version of KeePass in a form that's easily massaged to upload to your iPhone with the Keeper app. I use this to keep my password database with me at all times, as well as on all of the machines I work on. No subscription or payment necessary!
He could put the passwords on a piece of paper in his wallet.

If paranoid, or worried about “shoulder-surfing”, the passwords could be obfuscated in some simple way. Examples: swap the first pair of digits, or swap case, or add a constant to all numbers. This would buy time if the wallet were stolen.

There are those that say passwords should never be written down, but I'm not alone in keeping them in a wallet:

http://software.silicon.com/security/0,39024655,39130618,00....

http://www.schneier.com/blog/archives/2004/12/safe_personal_...

I use the method that joelonsoftware suggested with Password Safe and Dropbox. It's allowed me to use much more secure passwords and have all of my passwords available no matter which of my computers I use.

I haven't tried installing it on a phone.

I've tried several password managers but didn't like them too much. I currently use a Word document that is password protected (ironically) and named something inconspicuous: "Report on endangered dolphins in China".
+1 for KeePass(X)