LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

View Poll Results: Password management - how do you do it?
One password for everything 6 8.82%
I have a limited list of passwords from which I choose when need arises 44 64.71%
For each new occasion I generate a totally new password 13 19.12%
Other (please specify) 5 7.35%
Voters: 68. You may not vote on this poll

Reply
 
Search this Thread
Old 07-14-2008, 01:59 AM   #1
MasterOfTheWind
Member
 
Registered: Jul 2004
Distribution: Arch, Debian sid, Kubuntu, Slackware 11
Posts: 324

Rep: Reputation: 30
Password management - how do you do it?


Also, what kind of password storage program (if any) do you use?
 
Old 07-14-2008, 04:04 AM   #2
Findus
Member
 
Registered: Nov 2006
Distribution: Fedora 8
Posts: 64

Rep: Reputation: 15
I don't really use any password storage programs, only my head. The one program I use is the one built into KDE, and that is only for my WLAN passphrase.

- Findus
 
Old 07-14-2008, 11:32 AM   #3
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
I use my head as much as I can, and a hidden sheet of handwritten paper for the rest.

NetworkManager takes care of my WLAN password, though.

Last edited by win32sux; 07-14-2008 at 11:34 AM.
 
Old 07-14-2008, 11:52 AM   #4
Cuetzpallin
Member
 
Registered: Feb 2008
Location: Monterrey, MX
Distribution: Slackware since 3.4 and love it!!!
Posts: 162

Rep: Reputation: 31
usually I use my head to remember a list of passwords, but when I deplete my options I write to a hidden paper. LOL
 
Old 07-14-2008, 11:56 AM   #5
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora, Lubuntu, FreeBSD
Posts: 3,930
Blog Entries: 5

Rep: Reputation: Disabled
Quote:
Originally Posted by MasterOfTheWind
Also, what kind of password storage program (if any) do you use?
Plain text password file + gnupg. I keep this in a secure place and decrypt it when I need to use an account.
 
Old 07-14-2008, 05:02 PM   #6
simonapnic
Member
 
Registered: Jul 2008
Posts: 70

Rep: Reputation: 16
Post

Your head is the most secure place for storing a password I guess.
Using 'password management software' is not recommended if you are concerned about the security of your system(s).

Last edited by simonapnic; 07-14-2008 at 05:05 PM.
 
Old 07-15-2008, 04:37 AM   #7
KenJackson
Member
 
Registered: Jul 2006
Location: Maryland, USA
Distribution: Fedora, Arch
Posts: 572

Rep: Reputation: 64
Quote:
Originally Posted by anomie View Post
Plain text password file + gnupg. I keep this in a secure place and decrypt it when I need to use an account.
Hey, that's what I do. But I use ccrypt instead of gnupg. Plus I have this function defined in ~/.bashrc:
Code:
function grepacct()
{
    test -n "$1"  &&  ccat ~/path/to/encrypted/file | grep $1 $2 $3
}
So if I forget, I can type this command and answer the password prompt to be reminded:
grepacct linuxques
 
Old 07-15-2008, 05:02 AM   #8
JZL240I-U
Senior Member
 
Registered: Apr 2003
Location: Germany
Distribution: openSuSE 13.1 / 12.3_64-KDE, Ubuntu 14.04, Fedora 20, Mint 17, Chakra
Posts: 3,674

Rep: Reputation: Disabled
Could you please translate that from bash to "plainspeech" ?

What I understood is: testing for an argument, if it's there ccat will pipe the contents of the (de-?)-crypted file to grep which will display the first three passwords?

But why do you call "grepacct linuxques"

Why don't you use Kwallet?
 
Old 07-15-2008, 06:09 AM   #9
Randux
Senior Member
 
Registered: Feb 2006
Location: Siberia
Distribution: Slackware & Slamd64. What else is there?
Posts: 1,705

Rep: Reputation: 54
Keepass and KeepassX
 
Old 07-15-2008, 06:42 AM   #10
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 7,039
Blog Entries: 52

Rep: Reputation: Disabled
In /skull/brain/cortex/memory/passwords.
 
Old 07-15-2008, 07:32 AM   #11
pgroover
Member
 
Registered: Sep 2005
Location: Colorado
Distribution: Ubuntu
Posts: 55

Rep: Reputation: 16
Keeping a limited amount of passwords is a great way to maintain them, but you should periodically change that set as well.

As for me, I keep them all in my head. That way, they're completely safe except for the alien mind probes...
 
Old 07-15-2008, 08:56 AM   #12
FewClues
Member
 
Registered: Jul 2005
Location: Mission TX
Distribution: Ubuntu, Mint
Posts: 122

Rep: Reputation: 20
Quote:
Originally Posted by simonapnic View Post
Your head is the most secure place for storing a password I guess.
Using 'password management software' is not recommended if you are concerned about the security of your system(s).
I am a retired IT and at my age nothing is safe stored in my head! When I was an active IT for a national bank I was responsible for 22 passwords and encrypted them on my PDA.

When I discovered that our encrypting modems could generate passwords from parse phrases I simply used the department name or function and allowed the modem to generate the password. Funny, once I did that I don't think I ever forgot a parse phrase or password.

I now find that all routers generate the passwords from parse phrases. So my system of passwords is still maintained by them. If I were to forget, and that's very possible at age 72, I simply re-enter "desktop" or "file server" into the router and let it spit out "0161e6dc1b" and my memory is refreshed.
 
Old 07-15-2008, 11:28 AM   #13
mostlyharmless
Senior Member
 
Registered: Jan 2008
Distribution: Slackware 14.1 (multilib) with kernel 3.15.5
Posts: 1,547
Blog Entries: 12

Rep: Reputation: 177Reputation: 177
Combination of all of the above! Some are common and reused on a rotating basis, then some are generated uniquely (it seems like every internet site wants you to setup an account).

One rather annoying "feature" of what I believe to be a flawed security model are the work related passwords that have to be changed every 90 days. It invites weak passwords and writing them down..

Some are stored in my head, but since I have over 40 passwords, some are kept encrypted on my PDA. Since it doesn't leave my person and since I don't work for the NSA, that seems adequate.
 
Old 07-15-2008, 02:31 PM   #14
clint1986
LQ Newbie
 
Registered: Jul 2008
Location: Devon, United Kingdom
Distribution: Debian
Posts: 24

Rep: Reputation: 15
I like to keep different passwords for different types of use. I have one password for anything to do with money, one for forums, one for system administration on computers (different for each machine) and so on. I find it is a comfortable compromise between keeping my passwords unique but also memorable by not using too many. :)

Last edited by clint1986; 07-15-2008 at 02:38 PM.
 
Old 07-15-2008, 03:24 PM   #15
General Failure
Member
 
Registered: Jan 2007
Location: Germany
Distribution: Slackware 13.37
Posts: 384

Rep: Reputation: 34
I have to say I find this to be some very interesting conversation considering this is a login-based web forum

I voted however - maybe I shouldn't have. Im starting to feel insecure

PS: Now I feel better. I changed my bookmark to https://www.linuxquestions.org. Hehe.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
KDE password management - really could use help! 449 Linux - Newbie 2 02-02-2008 02:17 PM
thunderbird password management problem Garda Linux - Software 1 10-10-2005 11:53 PM
Looking for a web based password management system jfall Linux - Software 1 05-07-2005 07:41 AM
Secure Password Management win32sux General 0 04-30-2005 08:11 AM
password management software ttilt Linux - Software 8 12-28-2003 10:10 PM


All times are GMT -5. The time now is 03:48 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration