{"id":3019,"date":"2018-10-14T11:57:31","date_gmt":"2018-10-14T11:57:31","guid":{"rendered":"https:\/\/blog.paranoidprofessor.com\/?p=3019"},"modified":"2018-10-22T20:46:03","modified_gmt":"2018-10-22T20:46:03","slug":"safe-computing-passwords","status":"publish","type":"post","link":"https:\/\/blog.paranoidprofessor.com\/index.php\/2018\/10\/14\/safe-computing-passwords\/","title":{"rendered":"safe computing – passwords"},"content":{"rendered":"

Have you ever done something despite the knowledge that it isn’t really safe?\u00a0 This generic sentence\u00a0could be anything from jaywalking to unprotected sex.<\/p>\n

In my case, the situation is perhaps a both\u00a0more mundane and a 21st century problem.\u00a0 I do have quite a few email accounts that are used for different purposes.\u00a0 One of the ones that I used to catch spam should know better when it comes to security.<\/p>\n

\"\"<\/p>\n

This login dialog looks very similar to many other login dialogs.\u00a0 The only interesting part is the checkbox “Angemeldet bleiben” which simply means that your user will stay logged in.\u00a0 This is not an unsurprising\u00a0feature for personal email accounts.\u00a0 If this value is stored on the computer or with the account it would make perfect sense.<\/p>\n

The insecure thing is that every time you go to this site this value is set to true.\u00a0 By default, your credentials will be stored on the computer, not a problem if this is your computer at home but an extremely poor policy if the computer is public used.<\/p>\n

A proper solution<\/h2>\n

It is not a good solution to store the password or some token in a cookie on your computer.\u00a0 A much better solution would be to have the password memorized and use it each time.\u00a0 It is possible to keep a few passwords in your head but after a while, the number starts to exceed the memory of even the best person.<\/p>\n

Of course, it is possible to scribble your password on a sticky note or write it down in your notepad but if security is truly a requirement then storing the password list in an encrypted file is the best solution.<\/p>\n

Keepassx<\/h2>\n

There are a lot of password managers that are available – it must be true as when I googled “password manager” it returned 480,000,000.\u00a0 There may not be that many but there are easily dozens of free and commercial versions in the Google Play store alone.<\/p>\n

Basically a password manager, sometimes referred to as a password safe is just a small application that collects passwords not too dissimilar to an address book for email addresses.<\/p>\n

The real trick is not finding a password manager that runs on your phone but one that fits how you best operate. In my case that was a password manager that is truly multi-platform.\u00a0 The usability of my password manager, Keepassx, is just fine on my smartphone.<\/p>\n

Multiplatform does not have to be a requirement.\u00a0 The only time I really wanted a multiplatform was when I had too many passwords and wanted to restructure how they were grouped.<\/p>\n

The reason that I ended up deciding on\u00a0keepassx\u00a0was it was possible to install the app on my smartphone but also to install the application on my Linux\u00a0Mint installation.<\/p>\n

It is possible to create a folder structure separate different aspects of your passwords.\u00a0 It is also possible to store any other important number.<\/p>\n

\"\"<\/p>\n

It is possible to create entries to store the simple user and password.<\/p>\n

\"\"<\/p>\n

Keepassx has been made flexible enough to allow adding\u00a0other values as attributes.<\/p>\n

\"\"<\/p>\n

Finally, it is possible to assign cute little icons to your entries and folders.\u00a0 This is not just a fun feature but makes it possible to visually see which types of entries contain what types of data.<\/p>\n

\"\"<\/p>\n

I cannot recommend this software enough.\u00a0 it is easy to use on your phone but it also possible to copy the keepassx database to your computer and edit it without any difficulties.<\/p>\n

https:\/\/community.linuxmint.com\/software\/view\/keepassx<\/a><\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Have you ever done something despite the knowledge that it isn’t really safe?\u00a0 This generic sentence\u00a0could be anything from jaywalking to unprotected sex. In my case, the situation is perhaps a both\u00a0more mundane and a 21st century problem.\u00a0 I do … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[89],"tags":[17],"_links":{"self":[{"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/posts\/3019"}],"collection":[{"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/comments?post=3019"}],"version-history":[{"count":5,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/posts\/3019\/revisions"}],"predecessor-version":[{"id":3069,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/posts\/3019\/revisions\/3069"}],"wp:attachment":[{"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/media?parent=3019"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/categories?post=3019"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/tags?post=3019"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}