Tom Metro wrote:
A password safe could use strong encryption to protect the keys used by
the one-time authentication algorithm. Ideally, you'd want to have the
option to have that info encrypted using a different password than the
one protecting your passwords.

Try this little thought experiment. Take all of the passwords that you use on a daily basis. Put them into KeePass or whatever with a strong password (I'm partial to Baekdal's analysis) on the key chain. Get this database onto your shiny thing. Now, for one entire day, every time you need a password you MUST use the phone application to retrieve it. No cheating: no "remembering" your passwords. No reliance on browser password key chains. OS key rings like the Gnome key ring and Macintosh Keychain cannot be used. SSH Agent is right out. Every password has to be looked up on the phone every time it is needed.

I don't know about you but if I tried to subject myself to that I'd have a hole in a wall needing repair and I'd be out what used to be an expensive shiny thing.

--
Rich P.
_______________________________________________
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss
