HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 41 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Otherarrow Password Managers
EH-Net
May 22, 2013, 09:40:12 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Password Managers  (Read 4208 times)
0 Members and 1 Guest are viewing this topic.
Svenxix
Newbie
*
Offline Offline

Posts: 17


View Profile
« on: January 02, 2010, 02:13:19 AM »
I have been frustrated with the amount of passwords that I have to memorize and I am looking into using a password manager. However, I am a little hesitant to put all of my passwords into one place. If it ever gets compromised I would be in a lot of trouble. Any opinions?
Logged
h0les
Newbie
*
Offline Offline

Posts: 19


View Profile
« Reply #1 on: January 02, 2010, 07:21:29 AM »
passwordsafe + yubikey provides that extra layer of security
Logged
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #2 on: January 02, 2010, 10:05:03 AM »
Verisign has an offering as well:

https://pip.verisignlabs.com/
Logged
Data_Raid
Full Member
***
Offline Offline

Posts: 165



View Profile
« Reply #3 on: January 04, 2010, 03:15:17 AM »
Here are a few more password managers that have been mentioned in other forums:
http://keepass.info/
http://passwordsafe.sourceforge.net/

I don't use any password manager personally, I'm guessing that they provide no protecton against dictionary/brute force attacks. Maybe you could use a password manager along with TrueCrypt for an extra layer of protection or possibly IronKey (which provides protection against password attacks), downside is if you lose it: https://www.ironkey.com/demo-enterprise
Logged
All men by nature desire knowledge.

Aristotle
chrisj
Hero Member
*****
Offline Offline

Posts: 1163


View Profile WWW
« Reply #4 on: January 04, 2010, 03:33:45 PM »
I use passwordsafe at work, and keepass at home. Both programs are nice, later this year, I might start migrating work to Keepass (unlike passwordsafe it works on every OS we use).

I would keep the passwords to the safe copied down somewhere. I've lost some passwords because I couldn't remember the password I used for the safe. I recommend your wallet, firesafe, or a safety deposit box depending on how paranoid you are. Smiley

As Data_Raid said, if they get the file, they might be able to brute force it.

Something else you might do, to spread the pain of a compromise, is to use different safes (files) with passwords to different things in them.
Logged
OSWP, Sec+
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.094 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.