Re: [tlug] how do you 'web password' ?

[Evan Monroig <evan.monroig@example.com>]

On 12/19/05, Josh Glover <jmglov@example.com> wrote:
> On 19/12/05, Evan Monroig <evan.monroig@example.com> wrote:
> > I have several computers and currently what I do is create 'random'
> > passwords that I choose (and forget of course ...), and then I encrypt
> > them with with my public gpg key. Not really practical but maybe
> > better than the alternative (same password for all accounts, or a
> > sheet of paper with all passwords).
>
> I do precisely the same thing, and so does Scott, and so does Mauro.

great !

In fact I was wondering if it could be improved. For example, when I
have to use one of my password for my work computer for the first
time, I need to decrypt the file, and then copy-paste the password
into firefox. So someone standing behind me would be able to see it,
and someone with access to the clipboard also..

> This is not a "bad solution". To wit, note that Bruce Schneier, God
> Almighty of All Things Crypto and/or Security-Related, [1] himself
> advocates using a password safe tool, [2] which he originally wrote
> and is now maintained by others (on SourceForge).
>
> This is the same solution as using GPG. His tool, having a GUI, is
> targetted more at Windows users, I think.
>

Yes. The website says that there are also clones for linux.

Thanks for the links !

Evan