Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


View Poll Results: Password management - how do you do it?
One password for everything 6 8.82%
I have a limited list of passwords from which I choose when need arises 44 64.71%
For each new occasion I generate a totally new password 13 19.12%
Other (please specify) 5 7.35%
Voters: 68. You may not vote on this poll

  Search this Thread
Old 07-14-2008, 01:59 AM   #1
Registered: Jul 2004
Distribution: Arch, Debian sid, Kubuntu, Slackware 11
Posts: 324

Rep: Reputation: 30
Password management - how do you do it?

Also, what kind of password storage program (if any) do you use?
Old 07-14-2008, 04:04 AM   #2
Registered: Nov 2006
Distribution: Fedora 8
Posts: 64

Rep: Reputation: 15
I don't really use any password storage programs, only my head. The one program I use is the one built into KDE, and that is only for my WLAN passphrase.

- Findus
Old 07-14-2008, 11:32 AM   #3
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 379Reputation: 379Reputation: 379Reputation: 379
I use my head as much as I can, and a hidden sheet of handwritten paper for the rest.

NetworkManager takes care of my WLAN password, though.

Last edited by win32sux; 07-14-2008 at 11:34 AM.
Old 07-14-2008, 11:52 AM   #4
Registered: Feb 2008
Location: Monterrey, MX
Distribution: Slackware since 3.4 and love it!!!
Posts: 162

Rep: Reputation: 31
usually I use my head to remember a list of passwords, but when I deplete my options I write to a hidden paper. LOL
Old 07-14-2008, 11:56 AM   #5
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Originally Posted by MasterOfTheWind
Also, what kind of password storage program (if any) do you use?
Plain text password file + gnupg. I keep this in a secure place and decrypt it when I need to use an account.
Old 07-14-2008, 05:02 PM   #6
Registered: Jul 2008
Posts: 70

Rep: Reputation: 16

Your head is the most secure place for storing a password I guess.
Using 'password management software' is not recommended if you are concerned about the security of your system(s).

Last edited by simonapnic; 07-14-2008 at 05:05 PM.
Old 07-15-2008, 04:37 AM   #7
Registered: Jul 2006
Location: Maryland, USA
Distribution: Fedora and others
Posts: 755

Rep: Reputation: 144Reputation: 144
Originally Posted by anomie View Post
Plain text password file + gnupg. I keep this in a secure place and decrypt it when I need to use an account.
Hey, that's what I do. But I use ccrypt instead of gnupg. Plus I have this function defined in ~/.bashrc:
function grepacct()
    test -n "$1"  &&  ccat ~/path/to/encrypted/file | grep $1 $2 $3
So if I forget, I can type this command and answer the password prompt to be reminded:
grepacct linuxques
Old 07-15-2008, 05:02 AM   #8
Senior Member
Registered: Apr 2003
Location: Germany
Distribution: openSuSE Tumbleweed-KDE, Mint 18.3+19.0, MX-18
Posts: 4,258

Rep: Reputation: Disabled
Could you please translate that from bash to "plainspeech" ?

What I understood is: testing for an argument, if it's there ccat will pipe the contents of the (de-?)-crypted file to grep which will display the first three passwords?

But why do you call "grepacct linuxques"

Why don't you use Kwallet?
Old 07-15-2008, 06:09 AM   #9
Senior Member
Registered: Feb 2006
Location: Siberia
Distribution: Slackware & Slamd64. What else is there?
Posts: 1,705

Rep: Reputation: 54
Keepass and KeepassX
Old 07-15-2008, 06:42 AM   #10
LQ 5k Club
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.2
Posts: 7,809
Blog Entries: 58

Rep: Reputation: Disabled
In /skull/brain/cortex/memory/passwords.
Old 07-15-2008, 07:32 AM   #11
Registered: Sep 2005
Location: Colorado
Distribution: Ubuntu
Posts: 56

Rep: Reputation: 16
Keeping a limited amount of passwords is a great way to maintain them, but you should periodically change that set as well.

As for me, I keep them all in my head. That way, they're completely safe except for the alien mind probes...
Old 07-15-2008, 08:56 AM   #12
Registered: Jul 2005
Location: Mission TX
Distribution: Ubuntu, Mint
Posts: 122

Rep: Reputation: 20
Originally Posted by simonapnic View Post
Your head is the most secure place for storing a password I guess.
Using 'password management software' is not recommended if you are concerned about the security of your system(s).
I am a retired IT and at my age nothing is safe stored in my head! When I was an active IT for a national bank I was responsible for 22 passwords and encrypted them on my PDA.

When I discovered that our encrypting modems could generate passwords from parse phrases I simply used the department name or function and allowed the modem to generate the password. Funny, once I did that I don't think I ever forgot a parse phrase or password.

I now find that all routers generate the passwords from parse phrases. So my system of passwords is still maintained by them. If I were to forget, and that's very possible at age 72, I simply re-enter "desktop" or "file server" into the router and let it spit out "0161e6dc1b" and my memory is refreshed.
Old 07-15-2008, 11:28 AM   #13
Senior Member
Registered: Jan 2008
Distribution: Arch/Slackware/Knoppix
Posts: 1,799
Blog Entries: 14

Rep: Reputation: 280Reputation: 280Reputation: 280
Combination of all of the above! Some are common and reused on a rotating basis, then some are generated uniquely (it seems like every internet site wants you to setup an account).

One rather annoying "feature" of what I believe to be a flawed security model are the work related passwords that have to be changed every 90 days. It invites weak passwords and writing them down..

Some are stored in my head, but since I have over 40 passwords, some are kept encrypted on my PDA. Since it doesn't leave my person and since I don't work for the NSA, that seems adequate.
Old 07-15-2008, 02:31 PM   #14
LQ Newbie
Registered: Jul 2008
Location: Devon, United Kingdom
Distribution: Debian
Posts: 24

Rep: Reputation: 15
I like to keep different passwords for different types of use. I have one password for anything to do with money, one for forums, one for system administration on computers (different for each machine) and so on. I find it is a comfortable compromise between keeping my passwords unique but also memorable by not using too many. :)

Last edited by clint1986; 07-15-2008 at 02:38 PM.
Old 07-15-2008, 03:24 PM   #15
General Failure
Registered: Jan 2007
Location: Germany
Distribution: Slackware 13.37
Posts: 387

Rep: Reputation: 35
I have to say I find this to be some very interesting conversation considering this is a login-based web forum

I voted however - maybe I shouldn't have. Im starting to feel insecure

PS: Now I feel better. I changed my bookmark to Hehe.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
KDE password management - really could use help! 449 Linux - Newbie 2 02-02-2008 02:17 PM
thunderbird password management problem Garda Linux - Software 1 10-10-2005 11:53 PM
Looking for a web based password management system jfall Linux - Software 1 05-07-2005 07:41 AM
Secure Password Management win32sux General 0 04-30-2005 08:11 AM
password management software ttilt Linux - Software 8 12-28-2003 10:10 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:27 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration