i always knew you was smart marti...remember...what's on your computer is fair game for hackers....and that is one of the reasons i dont like the idea of cloud computing or online storage...if it is online, people can try to break in 24 hours a day...seven days a week...while if you take your pc offline when you arent there, there's no way for them to get to it
posted by amond
about 1 month ago
I am not familiar with Roboform and Stickypassword. If they are encrypted how is a specific password taken from the above and transferred to the password window on the screen.
the point is dont keep that stuff on your pc at all...whatever can be cracked can be hacked
posted by amond
about 1 month ago
An alternative:
"KeePassX is an application for people with extremely high demands on secure personal data management. It has a light interface, is cross platform and published under the terms of the GNU General Public License."
view linkNote pad and memory are the way to go in my opinion.
posted by baomike
about 1 month ago
www.eons.com/groups/topic/1902882- Vendors-scrambling-to-fix-bug-in-Net-s- security
now what? seems security is a cloud dream, not real..
view link
amond, that's a tad on the paranoid side as far as password programs on a local computer. With solid encryption and a good password it is almost impossible for someone to hack the database kept locally on your computer. Both Roboform and Stickypassword also contain a random password generator that is virtually impossible to break. Cloud computing is another ballgame as you lose control of the database.
I am somewhat of a security geek, with solid security practices and software and have even been called paranoid by some. I keep my banking passwords in a separate encrypted file than the others simply as an extra layer of protection. I've got no worries about using either of the 2 programs I mentioned or having an encrypted file on a flash drive that never leaves a secure location.
mshadow22, encrypted has a major flaw, see my post above..
My passwords are in my head. I do have a notebook with them in a safe place also. I won't put any passwords on my computer. It's my opinion that any computer can be hacked if someone really wantsato bad enough. I'm not speaking of the normal everyday computer user, I'm speaking of the people that hack for a living.
Encypted databases have nothing to do with the SSL flaw. It's the protocol, not the database that is the problem. Even if you have your password in your head and enter it from memory, the flaw still exists. The encrypted database kept locally is secure. It's when you transmit data via SSL that the problem arises.
I used to keep all of my passwords in my head until I got too many to keep track of. I use unique strong passwords for every site and application. To me, a notebook with passwords written down is much less secure than an encrypted database kept locally.
