Calgarypuck Forums - The Unofficial Calgary Flames Fan Community
Old 02-11-2011, 01:14 PM   #41
old-fart
Franchise Player
 
old-fart's Avatar
 
Join Date: Jan 2007
Exp:
Default

Quote:
Originally Posted by Jimmy Stang View Post
This looks interesting. I think that I'll try out the iPhone versions and see how they work. I see that they have support for Dropbox, which I don't use, but how else would you go about synchronizing your passwords on your device? I'd like to keep my main file "off of the cloud" so to speak, but it would be great to sync it with my iPhone somehow so changes on one would be reflected in the other.

Edit: It looks like MyKeePass lets you host your file on a web server or Dropbox (not ideal), but also lets you import it from your PC using a web interface over your local network. Very cool. I'm going to give this a shot tonight.
For both my Blackberry and my Android phone I just mailed the database file to myself, then saved it to the phone. Could just copy it to the miniSD card too. I'd guess you could just sync your iPhone and copy the file.

Pretty easy actually. I'm with you too - I don't like having the database file in the cloud, but I'm an old fart.
old-fart is offline   Reply With Quote
Old 03-06-2012, 06:50 PM   #42
J Diddy
Scoring Winger
 
Join Date: Dec 2010
Exp:
Default

I went through the thread and there are so great tools listed. I will have to look at them in details to see if any of them would work for an IT department.

Is anyone using a password management tool at an enterprise level? Something that has a SQL or Oracle backend and where passwords can be grouped and provided based on position?
For example the network team can't see the database passwords and the DBA's can't see the network equipment passwords?

I was using AccessManager at another company and it did the job but it was all or nothing for locking down access to passwords.
J Diddy is offline   Reply With Quote
Old 03-06-2012, 08:56 PM   #43
sclitheroe
#1 Goaltender
 
Join Date: Sep 2005
Exp:
Default

Quote:
Originally Posted by J Diddy View Post
Is anyone using a password management tool at an enterprise level? Something that has a SQL or Oracle backend and where passwords can be grouped and provided based on position?
For example the network team can't see the database passwords and the DBA's can't see the network equipment passwords?
We use Thycotic Secret Server to manage passwords for hundreds of clients. It does pretty much everything you're looking for. Seems to work well enough, although I don't directly support it, I just use it daily. It's always up and running when I need to use it though, so it must be fairly stable.

http://www.thycotic.com/
__________________
-Scott
sclitheroe is offline   Reply With Quote
The Following User Says Thank You to sclitheroe For This Useful Post:
Old 03-06-2012, 10:02 PM   #44
J Diddy
Scoring Winger
 
Join Date: Dec 2010
Exp:
Default

Thank you! I was watching the video demo and it looks promising but I always like to hear from someone that has actually used it. I'll be installing the demo tomorrow.

Anyone else with a secret server review?
J Diddy is offline   Reply With Quote
Old 03-07-2012, 05:49 AM   #45
Rathji
Franchise Player
 
Rathji's Avatar
 
Join Date: Nov 2006
Location: Supporting Urban Sprawl
Exp:
Default

Our rbac password management system was developed in house.
Really isn't spectacular though, just an extension of our existing client info systems. I have often wanted something much more, might check out secret server, if for no other reason to give me ideas of what to ask our dev to add.


Rathji
__________________
"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
Rathji is offline   Reply With Quote
Old 03-05-2013, 11:12 AM   #46
woob
#1 Goaltender
 
woob's Avatar
 
Join Date: Jan 2006
Exp:
Default

Bumping this thread. What are people's favourite password management tools these days? I've seen quite a few pop up that look good.

Also, just to add: We use SS here at work and I find it's a great tool. Simple, great UI, and works well.
woob is offline   Reply With Quote
Old 03-05-2013, 11:27 AM   #47
Jimmy Stang
Franchise Player
 
Jimmy Stang's Avatar
 
Join Date: Sep 2008
Location: Calgary
Exp:
Default

I'm still happily using a few variations of KeePass. KeePass on my PC, KeePass Portable on my keychain, KeePassX on my Mac, and Mini Keepass on my iPhone. All variations open the same file, so I can access it on any device that I need to. It isn't as integrated as other options, but as mentioned earlier in the thread, I'm not crazy about storing my passwords in the cloud. But that's just be being paranoid.
Jimmy Stang is offline   Reply With Quote
The Following User Says Thank You to Jimmy Stang For This Useful Post:
Old 03-05-2013, 11:37 AM   #48
Teh_Bandwagoner
First Line Centre
 
Teh_Bandwagoner's Avatar
 
Join Date: Apr 2006
Location: The wagon's name is "Gaudreau"
Exp:
Default

For 1password, the first 20 passwords you store are free. For me, I find that plenty sufficient.
__________________
Teh_Bandwagoner is offline   Reply With Quote
The Following User Says Thank You to Teh_Bandwagoner For This Useful Post:
Old 03-05-2013, 12:19 PM   #49
photon
The new goggles also do nothing.
 
photon's Avatar
 
Join Date: Oct 2001
Location: Calgary
Exp:
Default

With keepass you can do your own "cloud" as well, just put the file in dropbox and have it require a key file as well (rather than just entering a password).

Not as convenient as some services, but good for people who want to know exactly what's being done with their passwords.
__________________
Uncertainty is an uncomfortable position.
But certainty is an absurd one.
photon is offline   Reply With Quote
The Following User Says Thank You to photon For This Useful Post:
Old 03-05-2013, 01:36 PM   #50
Teh_Bandwagoner
First Line Centre
 
Teh_Bandwagoner's Avatar
 
Join Date: Apr 2006
Location: The wagon's name is "Gaudreau"
Exp:
Default

Quote:
Originally Posted by fotze View Post
The App is $18.
For Android? I could have sworn I got it for free. I sure as hell won't pay $18 for any app period lol.
__________________
Teh_Bandwagoner is offline   Reply With Quote
Old 03-05-2013, 06:29 PM   #51
MrMastodonFarm
Lifetime Suspension
 
MrMastodonFarm's Avatar
 
Join Date: Oct 2001
Exp:
Default

Quote:
Originally Posted by old-fart View Post
For both my Blackberry and my Android phone I just mailed the database file to myself, then saved it to the phone. Could just copy it to the miniSD card too. I'd guess you could just sync your iPhone and copy the file.

Pretty easy actually. I'm with you too - I don't like having the database file in the cloud, but I'm an old fart.
MrMastodonFarm is offline   Reply With Quote
Old 05-29-2013, 10:14 AM   #52
KTrain
ALL ABOARD!
 
KTrain's Avatar
 
Join Date: Oct 2003
Exp:
Default

1Password is 50% off today if anyone is interested in taking the plunge.

https://agilebits.com/store
KTrain is offline   Reply With Quote
The Following User Says Thank You to KTrain For This Useful Post:
Old 05-29-2013, 10:49 AM   #53
sclitheroe
#1 Goaltender
 
Join Date: Sep 2005
Exp:
Default

A stark reminder of why you want to take 1Password up on that 50% offer - even random passwords are easily compromised unless you are running them out to 15 or 20 or more characters:

http://arstechnica.com/security/2013...our-passwords/
__________________
-Scott
sclitheroe is offline   Reply With Quote
The Following User Says Thank You to sclitheroe For This Useful Post:
Old 05-29-2013, 12:52 PM   #54
Rathji
Franchise Player
 
Rathji's Avatar
 
Join Date: Nov 2006
Location: Supporting Urban Sprawl
Exp:
Default

It still baffles me that so many places use MD5.

My other pet peeve is that so many passwords are not salted, but if they can't be bothered to used a secure hashing algorithm, I doubt expecting something like salting is realistic.
__________________
"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
Rathji is offline   Reply With Quote
Old 05-29-2013, 01:20 PM   #55
photon
The new goggles also do nothing.
 
photon's Avatar
 
Join Date: Oct 2001
Location: Calgary
Exp:
Default

Even salting is almost useless with the advent of GPU.

As the article mentions, using bcrypt or even scrypt (scrypt is designed to scale memory usage up as well), algorithms that can scale up in difficulty as hardware changes, should be standard or required for creating an application/site/whatever that stores a password hash.

But security is hard.

It'd be nice if something like OpenID became a defacto standard, or a standard set of libraries and implementations that developers would use at least.
__________________
Uncertainty is an uncomfortable position.
But certainty is an absurd one.
photon is offline   Reply With Quote
Old 05-31-2013, 06:19 PM   #56
FlamesPuck12
First Line Centre
 
Join Date: Apr 2007
Exp:
Default

Quote:
Originally Posted by KTrain View Post
1Password is 50% off today if anyone is interested in taking the plunge.

https://agilebits.com/store
Thanks, my trial just ran out couple days ago. Perfect time to pick up a license.
FlamesPuck12 is offline   Reply With Quote
Old 05-31-2013, 07:33 PM   #57
Vulcan
Franchise Player
 
Vulcan's Avatar
 
Join Date: Dec 2003
Location: Sunshine Coast
Exp:
Default

I just started using Rapport. It was a free download from one of my credit cards. It's supposed to protect me from keylogging and other attacks.

Quote:
Rapport applies basic character replacement algorithm to prevent specific old banking malware from stealing login credentials.
Anybody know if this is any good?

http://www.trusteer.com/support/
Vulcan is offline   Reply With Quote
Old 05-31-2013, 08:11 PM   #58
Rathji
Franchise Player
 
Rathji's Avatar
 
Join Date: Nov 2006
Location: Supporting Urban Sprawl
Exp:
Default

At first glance it seems like nothing more than security theater.

It doesn't remove malware, but blocks it from messing with transactions on certain sites, ensures a secure connection to those same sites, helps prevent phishing, keylogger and DNS attacks.
__________________
"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
Rathji is offline   Reply With Quote
Old 05-31-2013, 08:54 PM   #59
dobbles
addition by subtraction
 
Join Date: Feb 2008
Location: Tulsa, OK
Exp:
Default

anyone ever heard of or used dashlane?
dobbles is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 05:50 PM.

Calgary Flames
2023-24




Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright Calgarypuck 2021