Talk:Password manager
Computing: Software / Security Start‑class Mid‑importance | |||||||||||||||||||||
|
Flag as advertisment?
"OhMyPass is an Online Enterprise Password Manager that securely stores login details. It is a web-based version of more conventional desktop-based password manager. But also it has a Portable Application for Desktop Password Management: Omp2Go. With this Portable Application for Desktop version you can take your online stored accounts everywhere. Get your passwords or register new account on your desktop." — Preceding unsigned comment added by Treppo (talk • contribs) 09:45, 28 February 2012 (UTC)
Clarification?
Article says:
"Some password managers include a password generator. Generated passwords may be guessable if the password manager uses a weak random number generator instead of a cryptographically secure one."
You can create millions and millions different passwords even with weak random number generator. And if you don't know previously generated (with same seed) passwords, this "weakness" doesn't help in any way to crack in. Is this really a problem or just theoretical speculation? In other words, is there even one example of so badly made password generator that you can guess it's output? 62.134.199.5 (talk) 09:31, 26 May 2011 (UTC)
comment
The purpose for starting this article is to seperate password managers from password generators and form fillers, which are often confused as one in the same software. The fact is that these are different software and may exist on their own without having the other two functionalities. Some software like Roboform has all three.
Comparison
We need a page comparing password managers password generators and form fillers. Mathiastck 23:05, 7 January 2007 (UTC)
Might be useful to mention USB-based password management products (IronKey www.ironkey.com, ID Guard www.identityguard.com/#slide6) and standalone password management devices (Atek Logio Secure Password Organizer www.atek.com/logio-secure-password-organizer.html and Mandylion Labs www.mandylionlabs.com).205.214.237.254 (talk) 17:59, 10 July 2009 (UTC)
Bitwarden is missing, someone should add info for this one: https://bitwarden.com/
e–Business translation
This is a new term to mean the facilitation of the transformation of an existing business or business idea to the Internet. It involves the use of business systems analysis and other software and tools to map the business structure to the Internet. —Preceding unsigned comment added by Raphaelval7 (talk • contribs) 10:38, 8 March 2010 (UTC)
Saving to Hard Disk
The article mentions (correctly) that saving unencrypted data to disk is dangerous, but then says "Turning off swap can prevent this risk"
I don't think it can. Modern desktops can hibernate, where they save their state to disk, or suspend to RAM where it may also be backed by disk. In these situations, unless the password manager receives notifications of the pending events, it wont even get the opportunity to erase its memory structures. And, if you look at the windows documentation of WM_POWERBROADCAST, it implies that there are no guarantees that a registered application will be told of an impending power change (emergency power options can trigger a suspend/hibernate without notification).
There's a simple test: suspend and resume the laptop -if you are reprompted for your password then the password manager may have erased it (or it is reacting on wakeup). Then repeate for hibernate.
Now: who is going to write that up in a way that doesn't constitute original research.
- Start-Class Computing articles
- Mid-importance Computing articles
- Start-Class software articles
- Mid-importance software articles
- Start-Class software articles of Mid-importance
- All Software articles
- Start-Class Computer Security articles
- Unknown-importance Computer Security articles
- Start-Class Computer Security articles of Unknown-importance
- All Computer Security articles
- All Computing articles