MCBastos wrote:
Interviewed by CNN on 02/04/2012 02:00, Bill Davidsen told the world:
I am doing some work for an agency which has a requirement that they will have a
recent copy of all passwords stored on any computer accessing their site.
Unfortunately I don't have a technical solution for you, but...
They are requiring you to surrender ALL passwords that you save on your
computer, even ones for totally unrelated
purposes/websites/services/banks, just because you *accessed their web
site*? That's whack, man!
Their computer.
Personally, I would go the route of "not saving ANY password on the
computer." That way, you fulfill their absurd requirement without
actually surrendering any password. It's a drag, having to type all
passwords by hand, but still better than surrendering your personal
passwords to a third party.
There are no personal passwords, and I'm not just accessing their web site, I'm
doing stuff for them. Using a computer used for nothing else, running Linux,
accessing no public anything (the VPN only lets me talk to them).
To lessen the drudgery, I would set up a LastPass account to handle all
the low-security passwords (forums and such). Since those passwords are
stored "in the cloud," they should be technically exempt from that
requirement too. But I wouldn't trust LastPass with IMPORTANT passwords,
like for banking -- but then, I don't save those in Seamonkey either.
Hell, I don't even trust Keepass with those, and that's stored in a
local file using allegedly high-security encryption.
I will keep no other copies of passwords, access codes, or any similar material,
except on the encrypted disk.
Another possibility is having a copy of Portable
Seamonkey/Firefox/Opera/Chrome on a USB drive, and only saving passwords
on THAT copy -- again, technically "not saved on the computer."
For which I could go to prison. I do _not_ try to think about beating the rules.
--
Bill Davidsen <[email protected]>
We are not out of the woods yet, but we know the direction and have
taken the first step. The steps are many, but finite in number, and if
we persevere we will reach our destination. -me, 2010
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
