LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 03-27-2008, 02:34 AM   #1
concoran
Member
 
Registered: Jun 2001
Location: 28N,82W
Distribution: XP,Ubuntu 9
Posts: 468

Rep: Reputation: 30
Storing usernames and passwords on the web?


hey folks, i need a little bit of your help in figuring out how to store my user names and passwords on internet.

I create, just like you, a lot of accounts on web. But like many of you I sprint between multiple multiple computers, so it's hard to organize my usernames and passwords in one place (not practical). So I am seeking your help in knowing how you do it. Do you store yours' on your machine, or on web? If on web, how? How do you store that on web?.
I must also note that I am not asking how you store your root passwords or financial passwords, but it's about how you securely store a lot of web accounts you created.

Thanks.
PS: Sorry, I edited this post multiple times.

Last edited by concoran; 03-27-2008 at 02:59 AM.
 
Old 03-27-2008, 02:44 AM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,986
Blog Entries: 11

Rep: Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880
Not *quite* what you're asking, but ... I'm using MyPasswordSafe (which
uses the same file-format as Bruce Schneier's (Counterpane) passwordsafe
for windows, and I store the (securely encrypted) file in a mailbox in
an online account :} ... the only problem is I have to change it every
time I edit. Not too much hassle, mind you. And when I need a password
my browser will open the web-based file with the application above.



Cheers,
Tink
 
Old 03-27-2008, 02:20 PM   #3
simplicissimus
Registered User
 
Registered: Mar 2008
Posts: 104

Rep: Reputation: 15
paper

Buy a plain paper notebook, something you can carry easily (even if you don't move it a lot), and write down your accounts.

It's not a trendy solution, but it is not bothered by hard disk failures, overwritten installations and other types of computer damages. You have to keep it safe from fire and water, but this is something that paper has in common with computers.

In all honesty, even though browsers and email applications do a good job at storing passwords, I have found it extremely helpful to have all login names and passwords written in one place. Once I had a very bad loss of data situation - that paper notebook saved me a lot of time recreating my working PC environment.

Regards,
SIMP

Fedora User

Last edited by simplicissimus; 04-02-2008 at 05:06 AM.
 
Old 03-27-2008, 02:43 PM   #4
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,986
Blog Entries: 11

Rep: Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880
And how SAFE is it when the notebook gets snaffled? What encryption method
are you using for that?


Cheers,
Tink
 
Old 03-28-2008, 12:41 AM   #5
simplicissimus
Registered User
 
Registered: Mar 2008
Posts: 104

Rep: Reputation: 15
moleskine

Quote:
And how SAFE is it when the notebook gets snaffled? What encryption method
are you using for that?
Let's assume you're on a crowded airport with a notebook (computer) and a notebook (paper). Which one is more likely to get stolen? Make a guess!

But you may think your PC is more safe. I mean, how difficult can it be to boot a stolen laptop with a LiveCD and gaining root access, and then getting into your web browser with all the stored login names and passwords for all your favorite sites and maybe even for your credit cards or bank account? The same for your e-mail application and favorite FTP tool and your saved SSH settings and everything else ...

Ever been in a large office, where all employees have stickies on their monitors with their passwords? Wouldn't it be at least slightly more secure if they would rather have small pocket notebooks (paper) and keep that in their jackets?

The history of Mathematics has actually a lot of solutions available to encrypt written text, so there are plenty possibilities for people who's handwriting is too easy to read. I'm lucky, my handwriting is pure encryption by default to most people on this planet.

Moleskine notebooks have a very nice tradition, check it out on http://www.moleskine.co.uk/ as an alternative to bits and bytes.


Sincerely,
SIMP
 
Old 03-28-2008, 03:14 AM   #6
concoran
Member
 
Registered: Jun 2001
Location: 28N,82W
Distribution: XP,Ubuntu 9
Posts: 468

Original Poster
Rep: Reputation: 30
Well,
I didn't ask for a paper solution. I am paper-free.
I am trying to figure a way out to store my low important usernames/passwords online. One thing I thought about was an account at blogspot. Just create a post, but do not post it. That way you could always log into blogger and access your stuff. But I have my own problems with blogger, though
 
Old 03-28-2008, 03:19 AM   #7
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Do the sites you visit support openID. That may be the long term solution.
 
Old 03-28-2008, 02:41 PM   #8
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,986
Blog Entries: 11

Rep: Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880
Quote:
Originally Posted by simplicissimus View Post
Let's assume you're on a crowded airport with a notebook (computer) and a notebook (paper). Which one is more likely to get stolen? Make a guess!
Depends on the "storage mechanism" chosen for either.

Quote:
Originally Posted by simplicissimus View Post
But you may think your PC is more safe. I mean, how difficult can it be to boot a stolen laptop with a LiveCD and gaining root access,
Quite hard. BIOS password, ASIC encrypted HDD using password.
Passwords stored in password safe, none in the browser accessible
w/o the use of (needless to say) very complex master password.
To get the machine to let you in you need to replace the security
ASIC (costs around 200$) and you need to be VERY good with the
soldering iron, otherwise you render the machine useless. And
the data on the HDD will remain inaccessible, because it only
works the ASIC you just removed and the password combined. I
think the chances of anyone getting into my machine when it's
not turned on, the screen open and me nowhere near are very remote.


Quote:
Originally Posted by simplicissimus View Post
and then getting into your web browser with all the stored login names and passwords for all your favorite sites and maybe even for your credit cards or bank account? The same for your e-mail application and favorite FTP tool and your saved SSH settings and everything else ...
See above. Not an issue.

Quote:
Originally Posted by simplicissimus View Post
Ever been in a large office, where all employees have stickies on their monitors with their passwords?
Wouldn't it be at least slightly more secure if they would rather have small pocket notebooks (paper) and keep that in their jackets?
Seen that, clear breach of most places policy, and I'd
certainly ask them to stop that. And if I caught our
users using notebooks I'd tell them off, too.

Quote:
Originally Posted by simplicissimus View Post
The history of Mathematics has actually a lot of solutions available to encrypt written text, so there are plenty possibilities for people who's handwriting is too easy to read. I'm lucky, my handwriting is pure encryption by default to most people on this planet.
I didn't say it's impossible to make notes on paper hard to
decypher. I was asking how well you thought that stacked up
to electronic encryption.


Quote:
Originally Posted by simplicissimus View Post
Moleskine notebooks have a very nice tradition, check it out on http://www.moleskine.co.uk/ as an alternative to bits and bytes.


Sincerely,
SIMP
Cheers,
Tink
 
Old 03-28-2008, 02:46 PM   #9
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,986
Blog Entries: 11

Rep: Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880
Quote:
Originally Posted by concoran View Post
Well,
I didn't ask for a paper solution. I am paper-free.
I am trying to figure a way out to store my low important usernames/passwords online. One thing I thought about was an account at blogspot. Just create a post, but do not post it. That way you could always log into blogger and access your stuff. But I have my own problems with blogger, though
gmail & drafts ;} ... and using Schneier's algorithm it's quite
safe, no matter how much time a google employee may spend snooping
on your mail (if they do).


Cheers,
Tink
 
Old 03-28-2008, 03:55 PM   #10
beadyallen
Member
 
Registered: Mar 2008
Location: UK
Distribution: Fedora, Gentoo
Posts: 209

Rep: Reputation: 36
Would carrying your whole browser around with you work? Check out Portable Firefox. It's for Windows, but one could surely knock something up for Linux as well. Kind of halfway to booting from USB.
 
  


Reply

Tags
passwords, store


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Storing passwords Ze MoreirA Linux - Security 1 08-13-2007 05:41 AM
default usernames/passwords andrew285 Suse/Novell 6 07-17-2006 06:14 PM
Suggestions for storing passwords on FreeRadius kemplej Linux - Software 0 03-11-2005 12:08 PM
Usernames/Passwords tracker kemplej Linux - Software 1 09-17-2004 06:19 AM
Software for storing numerous id/passwords Nick1104 Linux - Newbie 2 03-11-2004 10:19 AM


All times are GMT -5. The time now is 12:18 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration