On 06/08/2012 12:16 AM, Ian Gorrie wrote: >> solution where I store my passwords in a simple text file, encrypted >> with GPG, and stored on an IronKey. If I can't remember a password, I
I've been using something similar - text file, gpg encrypted, for many years ( 2002- ), works well. Add a simple Vi macro to run 'mkpasswd -l 20' on demand; helps with generating new passwords as well. > managers like 1password and KeePass are up to only with a bigger > userbase, active development, and it's not gone if you lose your Ironkey. cvs initially, svn later now Git to move the contents into a backed up on edit script works too. Plus, that works even when one is offline ( or if the remote cloud / shared storage service is down ) Worth noting here that some managers, desktop apps specially, will decrypt to disk the entire password store when one opens the password-db. If one has that setup over a fuse like remote storage service that versions rather than wipes contents, could get into trouble. And I've seen reports that browser driven interfaces can be vulnerable to in-browser addons / apps / proxies. Not looked into that too far, since my process is different - and my primary concern is device memory scanners. Regards, -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh ICQ: 2522219 | Yahoo IM: z00dax | Gtalk: z00dax GnuPG Key : http://www.karan.org/publickey.asc _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
