On 08/12/2014 03:14 AM, ellanios82 wrote:
I keep saying Context is Everything and that applies here too.
_______________________
- Thank you,
Because, one needs so many user-names and passwords : My.Yahoo, Google, Bank, etc., etc. : until now it had seemed reasonable to keep in text-file
Eh? Sorry, not I don't think that it does. If you use a modern browser it has the ability to remember login. There are a number of plugins for Firefox to do this. In addition there are specific password managers for Linux in a variety of flavours.
. . . but one reads frightening stuff like hackers scooping millions of passwords
Which journalists play into headlines. Someone drilled down on that and found many of those "millions" were actually garbage. Why? Do you have reason to think that *your* password s have been stolen, are among them? To my mind, protecting the password store on *your* machine is of little use if the sites you visit are vulnerable. Perhaps they have you enter your password over a plain http connection, not https. Perhaps they store your password in cleartext in their database. Heck it makes more sense for hackers to attack some sites that have those millions of passwords, many by people who use the same password on all accounts, that to target users individually. Really, its about Risk management and some *sites* are the risk. Consider the ones, for example that only allow 8 character passwords and ignore case. Yes there are still many of those around.
: thus, it seemed not excessive to think about using PGP to encrypt that text-file
: this text-file might have to be decrypted and again re-encrypted several times a day
Seems very wrong headed to me.
- but, perhaps this is not a good way
Damn right! Lots of limits on how to 'automatically' create, sore, import etc. Lots of manual intervention needed, as you point out. Very much the old 1980's "Classic UNIX" way of doing it. Sad to say but MS-Windows and its emphasis on GUI-ness has show this to be antiquated.
: maybe an Linux specialized password-wallet is a better way to consider ?
Like Kwallet if you are using KDE? Keyring if you are using Gnome? But the example you gave above makes me think that a store integrated with your browser makes more sense. http://www.techradar.com/news/software/applications/8-of-the-best-linux-pass... Probably the most popular is http://www.keepassx.org/ What's interesingt about this http://sourceforge.net/projects/passwordsafe/ is <quote> PasswordSafe lets you create different groups such as blogs, forums, wikis and the like. You can then assign entries to any of these groups. You can define the settings for the password generator in the last tab – things like the number of characters, or what combination of lower-case/uppercase letters and numbers to use. </quote> -- "...there is no reason anyone would want a computer in their home." Ken Olson, President, Chairman, and Founder of DEC, 1977 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org