Dear Linkedin,

Scott Howard scott at doc.net.au
Sat Jun 9 21:24:48 UTC 2012


On Sat, Jun 9, 2012 at 10:52 AM, <joseph.snyder at gmail.com> wrote:

> My biggest problem still is the multiple computer issue.  I am on at least
> 3-5 physical computers and 1-20 virtual machines, and 2 cellphones a day.
>  I honestly do not want to store a database of passwords encrypted or not
> on an open service.
>

Security is all about trade-offs.  In this case it's the trade-off between
storing an encrypted password database on a 3rd party server, vs. re-using
passwords and having (potentially) weaker passwords as a result of not
doing so.

Personally I use KeePass, with the database stored on a cloud-synced
directory.  To decrypt the KeePass database requires both a Password AND a
Key file, which is NOT synced to the cloud.

IMHO this gives the best of both worlds - easy syncing between multiple
computers and the ability to use unique, very strong passwords with all
websites. But also very strong security in the case that the KeePass
database is somehow compromised from the cloud service, as both the
password and keyfile would be required to decrypt.

  Scott
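
The two-factor unlock described in the message above, as an added example that is not part of the original post and is not KeePass's own code or file format. It is a simplified model: PBKDF2 and an HMAC key-check tag stand in for the real KDF and database encryption, and all names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

ROUNDS = 50_000  # constructed work factor, kept low so the demo runs quickly


def composite_key(password: str, keyfile: Optional[bytes]) -> bytes:
    """Hash each factor on its own, then hash the concatenation of the digests."""
    material = hashlib.sha256(password.encode("utf-8")).digest()
    if keyfile is not None:
        material += hashlib.sha256(keyfile).digest()
    return hashlib.sha256(material).digest()


def master_key(password: str, keyfile: Optional[bytes], salt: bytes) -> bytes:
    # Assumption: PBKDF2-HMAC-SHA256 stands in for the password manager's KDF.
    return hashlib.pbkdf2_hmac("sha256", composite_key(password, keyfile), salt, ROUNDS)


def create_database(password: str, keyfile: Optional[bytes]) -> dict:
    """Return only what would sit in the synced directory: a salt and a key-check tag."""
    salt = os.urandom(16)
    tag = hmac.new(master_key(password, keyfile, salt), b"header", hashlib.sha256).digest()
    return {"salt": salt, "tag": tag}


def can_unlock(db: dict, password: str, keyfile: Optional[bytes]) -> bool:
    """True only if the supplied factors reproduce the stored key-check tag."""
    key = master_key(password, keyfile, db["salt"])
    candidate = hmac.new(key, b"header", hashlib.sha256).digest()
    return hmac.compare_digest(candidate, db["tag"])


def guesses_that_unlock(db: dict, wordlist: list, keyfile: Optional[bytes] = None) -> list:
    """Passwords from a list that open the database with the given (or no) key file."""
    return [pw for pw in wordlist if can_unlock(db, pw, keyfile)]


# Constructed sample data: a deliberately weak password and a random local key file.
KEYFILE = os.urandom(32)                      # stays on the user's own devices
WORDLIST = ["123456", "linkedin", "password1"]
synced_copy = create_database("linkedin", KEYFILE)   # password + key file
password_only = create_database("linkedin", None)    # password alone

if __name__ == "__main__":
    print("synced copy, list only:  ", guesses_that_unlock(synced_copy, WORDLIST))
    print("password-only, list only:", guesses_that_unlock(password_only, WORDLIST))
```

The protection holds only while the key file stays out of the synced directory, so it has to be copied to each device by another route and backed up separately.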


