

Ask HN: Password managers - waldrews

HN is a security savvy crowd that, I assume, does not like to reuse the same password on multiple sites of dubious security.  What software do you use to manage the proliferation of passwords, user id's, and email addresses you have to give out to register on so many websites?  Do you synchronize these across multiple browsers/boxes?<p>Is there market opportunity for a piece of new password management software?  What features aren't there that should be?
======
paulgb
For anything not ultra secure (bank/paypal/email/etc.), I remember a main
password and then use a bookmarklet that creates different individual
passwords that work for each website. The advantage of this is that I don't
have to do any synchronization at all, and I can access any website on any
computer.

I really can't believe this hasn't caught on as a password solution, even
among the geeks I know; it has all the advantages of a password manager
without the disadvantages.

<http://supergenpass.com/>

------
joebasirico
I am a software security consultant and developer, and I've got to say my
favorite is PasswordSafe, originally written by Bruce Schneier, it's now open
source and available on sourceforge. It's secure, lightweight, easy to use and
can be installed on a thumbdrive for portability.
<http://passwordsafe.sourceforge.net/>

~~~
dc2k08
I've been using Roboform but I'll definitely be checking that one out -
thanks.

------
jlees
Heh, I recently blogged about a system I came up with to manage this, using a
ruby password generator that was linked on HN and storing the results in a
dropbox directory. Super super insecure but kinda fun to think through.
<http://digg.com/u19L9>

I don't actually use that system though, I generally use the same user id and
generate the password using a formula based on the website I'm registering at
and other mysterious factors.

------
silas
Gui (cross platform; thumb drive versions) <http://www.keepassx.org/>

CLI (old; via ssh) <http://freshmeat.net/projects/pwsafe/>

Library (looks promising although not done) <http://www.pwsafe.de/>

------
mjgoins
I use plain text files encrypted via gpg.

There's a gpg plugin for vim. If you don't like vim, you can probably find one
for your preferred editor.

