Jump to content

Talk:Password manager

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Eclectic99 (talk | contribs) at 16:39, 29 September 2017 (Comparison). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

WikiProject iconComputing: Software / Security Start‑class Mid‑importance
WikiProject iconThis article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles
StartThis article has been rated as Start-class on Wikipedia's content assessment scale.
MidThis article has been rated as Mid-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Software (assessed as Mid-importance).
Taskforce icon
This article is supported by WikiProject Computer Security.
Things you can help WikiProject Computer Security with:
Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...
  • Review importance and quality of existing articles
  • Identify categories related to Computer Security
  • Tag related articles
  • Identify articles for creation (see also: Article requests)
  • Identify articles for improvement
  • Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
  • Find editors who have shown interest in this subject and ask them to take a look here.

Flag as advertisment?

"OhMyPass is an Online Enterprise Password Manager that securely stores login details. It is a web-based version of more conventional desktop-based password manager. But also it has a Portable Application for Desktop Password Management: Omp2Go. With this Portable Application for Desktop version you can take your online stored accounts everywhere. Get your passwords or register new account on your desktop." — Preceding unsigned comment added by Treppo (talkcontribs) 09:45, 28 February 2012 (UTC)[reply]


Clarification?

Article says: 

"Some password managers include a password generator. Generated passwords may be guessable if the password
manager uses a weak random number generator instead of a cryptographically secure one."

You can create millions and millions different passwords even with weak random number generator. And if you don't know previously generated (with same seed) passwords, this "weakness" doesn't help in any way to crack in. Is this really a problem or just theoretical speculation? In other words, is there even one example of so badly made password generator that you can guess it's output? 62.134.199.5 (talk) 09:31, 26 May 2011 (UTC)[reply]

comment

The purpose for starting this article is to seperate password managers from password generators and form fillers, which are often confused as one in the same software. The fact is that these are different software and may exist on their own without having the other two functionalities. Some software like Roboform has all three.

Comparison

We need a page comparing password managers password generators and form fillers. Mathiastck 23:05, 7 January 2007 (UTC)[reply]

Might be useful to mention USB-based password management products (IronKey www.ironkey.com, ID Guard www.identityguard.com/#slide6) and standalone password management devices (Atek Logio Secure Password Organizer www.atek.com/logio-secure-password-organizer.html and Mandylion Labs www.mandylionlabs.com).205.214.237.254 (talk) 17:59, 10 July 2009 (UTC)[reply]

Bitwarden is missing, someone should add info for this one: https://bitwarden.com/

e–Business translation

This is a new term to mean the facilitation of the transformation of an existing business or business idea to the Internet. It involves the use of business systems analysis and other software and tools to map the business structure to the Internet. —Preceding unsigned comment added by Raphaelval7 (talkcontribs) 10:38, 8 March 2010 (UTC)[reply]

Saving to Hard Disk

The article mentions (correctly) that saving unencrypted data to disk is dangerous, but then says "Turning off swap can prevent this risk"

I don't think it can. Modern desktops can hibernate, where they save their state to disk, or suspend to RAM where it may also be backed by disk. In these situations, unless the password manager receives notifications of the pending events, it wont even get the opportunity to erase its memory structures. And, if you look at the windows documentation of WM_POWERBROADCAST, it implies that there are no guarantees that a registered application will be told of an impending power change (emergency power options can trigger a suspend/hibernate without notification).

There's a simple test: suspend and resume the laptop -if you are reprompted for your password then the password manager may have erased it (or it is reacting on wakeup). Then repeate for hibernate.

Now: who is going to write that up in a way that doesn't constitute original research.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Talk:Password_manager&oldid=802967177"