02-11-2011, 01:14 PM
|
#41
|
Franchise Player
|
Quote:
Originally Posted by Jimmy Stang
This looks interesting. I think that I'll try out the iPhone versions and see how they work. I see that they have support for Dropbox, which I don't use, but how else would you go about synchronizing your passwords on your device? I'd like to keep my main file "off of the cloud" so to speak, but it would be great to sync it with my iPhone somehow so changes on one would be reflected in the other.
Edit: It looks like MyKeePass lets you host your file on a web server or Dropbox (not ideal), but also lets you import it from your PC using a web interface over your local network. Very cool. I'm going to give this a shot tonight.
|
For both my Blackberry and my Android phone I just mailed the database file to myself, then saved it to the phone. Could just copy it to the miniSD card too. I'd guess you could just sync your iPhone and copy the file.
Pretty easy actually. I'm with you too - I don't like having the database file in the cloud, but I'm an old fart.
|
|
|
03-06-2012, 06:50 PM
|
#42
|
Scoring Winger
|
I went through the thread and there are so great tools listed. I will have to look at them in details to see if any of them would work for an IT department.
Is anyone using a password management tool at an enterprise level? Something that has a SQL or Oracle backend and where passwords can be grouped and provided based on position?
For example the network team can't see the database passwords and the DBA's can't see the network equipment passwords?
I was using AccessManager at another company and it did the job but it was all or nothing for locking down access to passwords.
|
|
|
03-06-2012, 08:56 PM
|
#43
|
#1 Goaltender
|
Quote:
Originally Posted by J Diddy
Is anyone using a password management tool at an enterprise level? Something that has a SQL or Oracle backend and where passwords can be grouped and provided based on position?
For example the network team can't see the database passwords and the DBA's can't see the network equipment passwords?
|
We use Thycotic Secret Server to manage passwords for hundreds of clients. It does pretty much everything you're looking for. Seems to work well enough, although I don't directly support it, I just use it daily. It's always up and running when I need to use it though, so it must be fairly stable.
http://www.thycotic.com/
__________________
-Scott
|
|
|
The Following User Says Thank You to sclitheroe For This Useful Post:
|
|
03-06-2012, 10:02 PM
|
#44
|
Scoring Winger
|
Thank you! I was watching the video demo and it looks promising but I always like to hear from someone that has actually used it. I'll be installing the demo tomorrow.
Anyone else with a secret server review?
|
|
|
03-07-2012, 05:49 AM
|
#45
|
Franchise Player
Join Date: Nov 2006
Location: Supporting Urban Sprawl
|
Our rbac password management system was developed in house.
Really isn't spectacular though, just an extension of our existing client info systems. I have often wanted something much more, might check out secret server, if for no other reason to give me ideas of what to ask our dev to add.
Rathji
__________________
"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
|
|
|
03-05-2013, 11:12 AM
|
#46
|
#1 Goaltender
|
Bumping this thread. What are people's favourite password management tools these days? I've seen quite a few pop up that look good.
Also, just to add: We use SS here at work and I find it's a great tool. Simple, great UI, and works well.
|
|
|
03-05-2013, 11:27 AM
|
#47
|
Franchise Player
Join Date: Sep 2008
Location: Calgary
|
I'm still happily using a few variations of KeePass. KeePass on my PC, KeePass Portable on my keychain, KeePassX on my Mac, and Mini Keepass on my iPhone. All variations open the same file, so I can access it on any device that I need to. It isn't as integrated as other options, but as mentioned earlier in the thread, I'm not crazy about storing my passwords in the cloud. But that's just be being paranoid.
|
|
|
The Following User Says Thank You to Jimmy Stang For This Useful Post:
|
|
03-05-2013, 11:37 AM
|
#48
|
First Line Centre
Join Date: Apr 2006
Location: The wagon's name is "Gaudreau"
|
For 1password, the first 20 passwords you store are free. For me, I find that plenty sufficient.
__________________
|
|
|
The Following User Says Thank You to Teh_Bandwagoner For This Useful Post:
|
|
03-05-2013, 12:19 PM
|
#49
|
The new goggles also do nothing.
Join Date: Oct 2001
Location: Calgary
|
With keepass you can do your own "cloud" as well, just put the file in dropbox and have it require a key file as well (rather than just entering a password).
Not as convenient as some services, but good for people who want to know exactly what's being done with their passwords.
__________________
Uncertainty is an uncomfortable position.
But certainty is an absurd one.
|
|
|
The Following User Says Thank You to photon For This Useful Post:
|
|
03-05-2013, 01:36 PM
|
#50
|
First Line Centre
Join Date: Apr 2006
Location: The wagon's name is "Gaudreau"
|
Quote:
Originally Posted by fotze
The App is $18.
|
For Android? I could have sworn I got it for free. I sure as hell won't pay $18 for any app period lol.
__________________
|
|
|
03-05-2013, 06:29 PM
|
#51
|
Lifetime Suspension
|
Quote:
Originally Posted by old-fart
For both my Blackberry and my Android phone I just mailed the database file to myself, then saved it to the phone. Could just copy it to the miniSD card too. I'd guess you could just sync your iPhone and copy the file.
Pretty easy actually. I'm with you too - I don't like having the database file in the cloud, but I'm an old fart.
|
|
|
|
05-29-2013, 10:14 AM
|
#52
|
ALL ABOARD!
|
1Password is 50% off today if anyone is interested in taking the plunge.
https://agilebits.com/store
|
|
|
The Following User Says Thank You to KTrain For This Useful Post:
|
|
05-29-2013, 10:49 AM
|
#53
|
#1 Goaltender
|
A stark reminder of why you want to take 1Password up on that 50% offer - even random passwords are easily compromised unless you are running them out to 15 or 20 or more characters:
http://arstechnica.com/security/2013...our-passwords/
__________________
-Scott
|
|
|
The Following User Says Thank You to sclitheroe For This Useful Post:
|
|
05-29-2013, 12:52 PM
|
#54
|
Franchise Player
Join Date: Nov 2006
Location: Supporting Urban Sprawl
|
It still baffles me that so many places use MD5.
My other pet peeve is that so many passwords are not salted, but if they can't be bothered to used a secure hashing algorithm, I doubt expecting something like salting is realistic.
__________________
"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
|
|
|
05-29-2013, 01:20 PM
|
#55
|
The new goggles also do nothing.
Join Date: Oct 2001
Location: Calgary
|
Even salting is almost useless with the advent of GPU.
As the article mentions, using bcrypt or even scrypt (scrypt is designed to scale memory usage up as well), algorithms that can scale up in difficulty as hardware changes, should be standard or required for creating an application/site/whatever that stores a password hash.
But security is hard.
It'd be nice if something like OpenID became a defacto standard, or a standard set of libraries and implementations that developers would use at least.
__________________
Uncertainty is an uncomfortable position.
But certainty is an absurd one.
|
|
|
05-31-2013, 06:19 PM
|
#56
|
First Line Centre
|
Quote:
Originally Posted by KTrain
|
Thanks, my trial just ran out couple days ago. Perfect time to pick up a license.
|
|
|
05-31-2013, 07:33 PM
|
#57
|
Franchise Player
Join Date: Dec 2003
Location: Sunshine Coast
|
I just started using Rapport. It was a free download from one of my credit cards. It's supposed to protect me from keylogging and other attacks.
Quote:
Rapport applies basic character replacement algorithm to prevent specific old banking malware from stealing login credentials.
|
Anybody know if this is any good?
http://www.trusteer.com/support/
|
|
|
05-31-2013, 08:11 PM
|
#58
|
Franchise Player
Join Date: Nov 2006
Location: Supporting Urban Sprawl
|
At first glance it seems like nothing more than security theater.
It doesn't remove malware, but blocks it from messing with transactions on certain sites, ensures a secure connection to those same sites, helps prevent phishing, keylogger and DNS attacks.
__________________
"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
|
|
|
05-31-2013, 08:54 PM
|
#59
|
addition by subtraction
Join Date: Feb 2008
Location: Tulsa, OK
|
anyone ever heard of or used dashlane?
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -6. The time now is 04:46 PM.
|
|