[lug] How do you keep your passwords safe while Paying bills and Day Trading at Work?

John Dollison johndollison at hotmail.com
Sat Oct 4 21:21:19 MDT 2008


Password managers are pretty common nowadays.  In fact, Wikipedia even has an article on them:http://en.wikipedia.org/wiki/Password_manager
 
I used to have a PDA with a password manager.  It stored an encrypted file on my PDA, and I had the option of keeping a backup copy on my home computer (or on a thumb drive connected to the home computer).  I was more worried about forgetting the primary password than I was worried about someone hacking into my PC and cracking my password file.  But I suppose it doesn't hurt to keep a hard copy in a safe deposit box in case the house (and PC, PDA, and file cabinet) go up in flames.  But then, a web-based password manager might be a better choice.
 
Googling "password manager review" ought to give you plenty of reading material. --John Dollison.



> From: siegfried at heintze.com> To: lug at lug.boulder.co.us> Date: Sat, 4 Oct 2008 13:50:34 -0700> Subject: [lug] How do you keep your passwords safe while Paying bills and Day Trading at Work?> > > As a result of listening to an interview of a hapless share owner of Freddie> MaC (FRE) on NPR some Sunday afternoon, actually bought some Freddie mac> stock and inadvertently (I did not intend this when I initially purchased> the stock) started day trading and actually made $5000 on Wednesday and lost> $3000 on Thursday last week. Wow! Was that exciting! I'm so glad to still be> positive!> > Anyway, this brings up a security problem: because I've also started paying> my bills on line. Since credit card numbers and passwords to online bank and> brokerage accounts can be recovered from deleted files on abandoned disk> drives on the way to the recycler, I have abandoned magnetic media for> recording this sensitive information even though I take a jump drive with me> to work to store a running total of my work hours and my .emacs file.> > So now that paper copy of my passwords is starting to make me nervous> because I've started to take it to work everyday so I can pay bills and> trade stocks (although so far I have given up on the day trading). Suppose I> loose that paper with the passwords, URLs and the answers to various> security questions? Yikes! That is a lot of banks and brokerages and credit> cards to call up and cancel should I loose it.> > What to you do? I was thinking about using pgp or gpg and storing my> passwords on my jump drive and then I could physically destroy the jump> drive when I abandon it. That would solve the problem of someone scavenging> old disk drives. But then I'd have to have a backup jump drive. I suppose> that is not a problem. And if I use GPG would I be secure (assuming I never> write down the strong master password)?> > Does anyone use the emacs package "mew" to encrypt? I just discovered> http://mailcrypt.sourceforge.net/ but have not used it. If I store an> encrypted file on my jump drive and I decrypt it using one of these> packages, where does the temporary unencrypted file get stored? On my hard> drive where someone can scavenging it? What do you do?> > Thanks!> Siegfried> _______________________________________________> Web Page: http://lug.boulder.co.us> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20081004/f105591b/attachment.html>


More information about the LUG mailing list