2
1
i've been keeping all my password into one excel file and encrypting them with winzip highest 256bit protection but recently i'm stumbled onto this article on lifehacker
so i'm wondering if the effort is worth it to switch to keepass, or is my current protection good enough?
as for any password that's in firefox i'll be using the firefox master password protection.
melaos
Posted 2010-01-12T01:28:57.247
Reputation: 304
8
Switch to a quality password manager which has been specifically designed to manage and protect your passwords. If you use Excel and WinZip, you risk leaving behind temporary files ... which, even if deleted could be recovered if not wiped securely. You're trusting in two tools not specifically designed for security plus covering your own tracks in order for your current system to work right!
Whereas, specially-designed password management software like KeePass (as you've mentioned) or Password Safe typically take additional measures to scrub memory, clipboard, etc. when they are closed, better protecting your passwords. Your unencrypted passwords shouldn't ever be on disk, even temporarily.
Chris W. Rea
Posted 2010-01-12T01:28:57.247
Reputation: 10 282
+1 for KeePass, and agree with BasicallyMoney.com. I like the auto-type feature. I also like additional number of rounds of encryption, but I'm not sure how much more secure that makes things. I use the button to computer the number of rounds the computer can execute in one seconds. – Scott McClenning – 2010-01-12T02:53:17.467
0
Apart from the other answer, with which I agree, if you're going with your idea, may one suggest using RAR. It rates a little better on the question of password cracking of archives.
Also, why excel file ? Wouldn't a normal txt file be a better solution. Easier to open anywhere, its editors usualy don't leave a temp file, ...
But really, it is a matter of how interesting someone is to acquire your login/passwords information. For most people, that risk is relatively low.
p.s. Thought about online password storage ?
Rook
Posted 2010-01-12T01:28:57.247
Reputation: 21 622
hi, it's not a new idea, that's what i've been using for this while and i was thinking of switching to keepass. hence why i asked the question here. – melaos – 2010-01-12T01:53:50.527
Yeah, it's not bad (keepass). I used to use it for a while ... then I forgot my own master password. Now I just use firefox's features (with some auto completion <-- one of the things I missed about firefox <-- roboform has it though). – Rook – 2010-01-12T02:42:31.027
%s/missed about firefox/missed about keepass – Rook – 2010-01-12T02:54:57.200
mmm, don't really like online storage bro, as one server crash or some hacky teenager could put my bud in hot water :) – melaos – 2010-01-13T00:58:51.647
uhmm ... keepass is not online storage. but yes, i agree, for the same reasons. – Rook – 2010-01-13T01:40:11.397
Just in case there's people who's in the same situation as i am, you can easily convert your excel to csv and using the v2 of keepass and just import it via the universal cvs importer. :) – melaos – 2010-01-13T00:57:54.033