Security Basics mailing list archives
RE: securing password list
From: "Andrew Shore" <andrew.shore () holistecs com>
Date: Mon, 22 Mar 2004 09:30:17 -0000
Perhaps using win2k file encryption may help. As the encryption key is tied to your user account you are unlikely to forget it and it allows only your access. Also use file level permission to ensure no one else can even see then file. Andrew Shore Senior Security Specialist DDI. 01302 308 165 andrew.shore () holistecs com Company Number 04943010 VAT Number 828 8635 82 Holistic Technologies Ltd Unit 7 Shaw Wood Business Park Shaw Wood Way Doncaster South Yorkshire DN2 5TB T. 0870 240 1442 F. 0870 240 1443 www.holistecs.com -----Original Message----- From: beevoo8 () hotmail com [mailto:beevoo8 () hotmail com] Sent: 18 March 2004 17:52 To: security-basics () securityfocus com Subject: securing password list In my job I have a number of username/passwords to various websites and machines that I must keep track of. I was soliciting ideas on how to store these passwords securely. Encrypting them with a passphrase seems counterproductive since the file may not be accessed for a while and the passphrase might be forgotten. Would biometrics be a safer idea? What security methods do you use to secure a list such as this? Any suggestions would be appreciated. ------------------------------------------------------------------------ --- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- securing password list beevoo8 (Mar 19)
- Re: securing password list Joerg Over Dexia (Mar 22)
- Re: securing password list Steven Joerger (Mar 22)
- Re: securing password list E.Kellinis (Mar 22)
- <Possible follow-ups>
- RE: securing password list Dan Denton (Mar 19)
- Re: securing password list Michael Gale (Mar 22)
- Re: securing password list E.Kellinis (Mar 22)
- RE: securing password list Josh Mills (Mar 22)
- RE: securing password list Andrew Shore (Mar 22)
- RE: securing password list Jeremy McBane (Mar 24)
- RE: securing password list David Gillett (Mar 25)
- RE: securing password list Fahr, Sam@HHSDC-SFIS (Mar 25)