[Discuss] Password managers
Derek Martin
invalid at pizzashack.org
Thu May 14 22:07:31 EDT 2020
On Tue, May 12, 2020 at 01:13:26PM -0400, Daniel Barrett wrote:
> On May 11, 2020, Derek Martin wrote:
> >> Dan Barrett wrote:
> >>> 1. Store username/password pairs in a tab-delimited text file, one
> >>> entry per line, with 3 columns: username, password, and freeform text.
> >
> >I do the same basic idea but I use one file per password and
> >individually encrypt them.
>
> How interesting. I'm curious though: how do you identify the file you
> need to obtain a given password? Some sort of file naming scheme? Does
> it scale well to 1000+ passwords?
So, I do use Rich's suggestion of using directories to do a bit of
house keeping, though not quite the same way but it's the same idea.
I generally just use the entity's name... they're generally unique.
There can not be two AT&T's... :) Of course I might have two separate
accounts for different things at AT&T (and in fact I have none, so...)
But in that case the name becomes ATT_Wireless, ATT_cable. whatever...
This does not seem like a hard problem to me. :)
That said, I'm not trying to scale to 1K passwords. And more often
than not, if I need to create an account to use your website, I
will...not use your website. Obviously doesn't apply for accounts I
need, like financials, mail order, etc. where they are transactional
in nature and my identity actually matters to transactions.
I had a real hard time with NVidia when their GForce Experience
started requiring a password... I should not need to give them my
e-mail address just so I can use all of the features of my video card.
That still burns me TBH.
> Here's a scenario. I maintain a dozen MediaWiki sites, and each one
> includes 1-2 mySQL passwords and several wiki user passwords. How
> would you handle this situation with multiple, separately encrypted
> password files? With a single password file, I can decrypt to stdout
> and grep for strings.
One per site. There's surely something unique about them, that's what
I'd use. Those would all end up in one directory (separate from any
other type of account), and if it made sense I'd further divide them
into subdirs somehow.
--
Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address. Replying to it will result in
undeliverable mail due to spam prevention. Sorry for the inconvenience.
More information about the Discuss
mailing list