GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
View Poll Results: How do you organize your passwords?
text file
1
5.26%
encryptted text file
4
21.05%
in a mysql database
1
5.26%
password managers like keepassX lastpass etc
10
52.63%
Other
8
42.11%
Multiple Choice Poll. Voters: 19. You may not vote on this poll
Also, I never use the same username AND password. However, I do reuse both, but not at the same time. Yeah, it is a downside to memorizing the password, but I don't want to write it down, and keeping an encrypted store adds complication and possible vulnerabilities beyond my control.
How do you keep track of > a couple dozen combinations.
even with consolidating down bank accounts I still have 3-4 banks, then the utilities to log in and see what is due, then the wife's school loan. Then various places I've made purchases (amazon, etc), forums (LQ, etc). Its just too many.
I get them mixed up all the time. I can remember the passwords, but not which computers / volumes / sites they are for. So I have this mapped in an encrypted plain text file. Previosly it was a bunch of post-it notes hidden under the box of post-it notes next to the keyboard.
metaschima, I changed my GitHub password yesterday, and it does not contain [A-Z]. Could be that your password is rejected because it's considered weak for some other reason. Put some !"#¤%&/()=?-_ into it.
I get them mixed up all the time. I can remember the passwords, but not which computers / volumes / sites they are for. So I have this mapped in an encrypted plain text file. Previosly it was a bunch of post-it notes hidden under the box of post-it notes next to the keyboard.
metaschima, I changed my GitHub password yesterday, and it does not contain [A-Z]. Could be that your password is rejected because it's considered weak for some other reason. Put some !"#¤%&/()=?-_ into it.
It's probably because it doesn't contain any lower case characters.
How do you decrypt the plain text ? If the data ever hits the disk then the encryption is useless. A more common problem is that the decrypted file stays in RAM and can be sniffed.
Personally, I dislike putting all my eggs in one basket. I don't keep my passwords in one place, I don't write them down, and I don't use the same username password combination.
I have mine separated now, bank accounts and such are in the spreadsheet, wen sites in firefox. I plan to keep separate anyway, be it two back end files for keepass or whatever.
How do you decrypt the plain text ? If the data ever hits the disk then the encryption is useless. A more common problem is that the decrypted file stays in RAM and can be sniffed.
EncFS.
The average thief can not retrieve it and SÄPO (the Swedish stasi) can get into my accounts by other means.
The only passwords I have in keepassX are for sites like banking, paypal and shopping as these are 20 characters long.
Sites that do not have my financial or personal information, I just use 8 to 10 characters which I have memorized and on a usb stick.
Anyway, lots of great replies from everyone here.
Basically your doing data classification. I've done similar. I have a small truecrypt volume that gets synced to all my devices which has all my most sensitive data such as the spreadsheet with the bank account user/password/account numbers, scans of birth certificates, social security cards, etc.
The rest are less sensitive such as forum passwords and are just stored in Firefox (which I need to move away from since it will no longer sync).
FWIW I just "unclassified" one document, my personal net worth. It didn't have account numbers or passwords, just total balances, so someone pocketing my phone/laptop doesn't get anything useful, in fact maybe when they see how low my net worth is they will feel bad and give it back
Basically your doing data classification. I've done similar. I have a small truecrypt volume that gets synced to all my devices which has all my most sensitive data such as the spreadsheet with the bank account user/password/account numbers, scans of birth certificates, social security cards, etc.
Hi enine
Not sure if you are aware of this but trucrypt had shutdown the project due to it's insecurity. Some articles recommend using Gnome Encfs Manager or zuluCrypt as replacements. Both can create encrypted volumes via a file and a block device.
Not sure if you are aware of this but trucrypt had shutdown the project due to it's insecurity. Some articles recommend using Gnome Encfs Manager or zuluCrypt as replacements. Both can create encrypted volumes via a file and a block device.
Yes, I know its been shutdown, but there are several other programs which can use a truecrypt container.
Remember they said may be insecure, thats the key. Any software may be insecure as you never know if there are vulnerabilities that have yet to be found. I just say truerypt since thats the origination of my encrypted volume. I'm using EDS on my phone and tablet for example.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.