|
Author |
Message |
Jayy |
This post is not being displayed .
|
Jayy Mr. Ponzi
Joined: 08 Jun 2009 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Ste |
This post is not being displayed .
|
Ste Not Work Safe
Joined: 01 Sep 2002 Karma :
|
Posted: 16:16 - 02 Jun 2017 Post subject: |
|
|
The only way to not be vulnerable to services or a program you're running locally being breached is to use a .txt file for maximum security. |
|
Back to top |
|
You must be logged in to rate posts |
|
|
stinkwheel |
This post is not being displayed .
|
stinkwheel Bovine Proctologist
Joined: 12 Jul 2004 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Ste |
This post is not being displayed .
|
Ste Not Work Safe
Joined: 01 Sep 2002 Karma :
|
Posted: 16:50 - 02 Jun 2017 Post subject: |
|
|
Maximum security can be increased by keeping the .txt file on a USB stick which is encrypted with a passphrase rather than password.
For passphrases, have a look at diceware: https://www.google.co.uk/search?q=diceware |
|
Back to top |
|
You must be logged in to rate posts |
|
|
P. |
This post is not being displayed .
|
P. Red Rocket
Joined: 14 Feb 2008 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Jayy |
This post is not being displayed .
|
Jayy Mr. Ponzi
Joined: 08 Jun 2009 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Jayy |
This post is not being displayed .
|
Jayy Mr. Ponzi
Joined: 08 Jun 2009 Karma :
|
Posted: 17:39 - 02 Jun 2017 Post subject: |
|
|
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Ste |
This post is not being displayed .
|
Ste Not Work Safe
Joined: 01 Sep 2002 Karma :
|
Posted: 17:42 - 02 Jun 2017 Post subject: |
|
|
I didn't say anything about big cloud services. |
|
Back to top |
|
You must be logged in to rate posts |
|
|
t121anf |
This post is not being displayed .
|
t121anf World Chat Champion
Joined: 23 Feb 2007 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Falco |
This post is not being displayed .
|
Falco Traffic Copper
Joined: 27 Nov 2015 Karma :
|
Posted: 22:15 - 04 Jun 2017 Post subject: |
|
|
KeePass (as mentioned) is the one that sounds closest to what you want.
I would strongly recommend against writing your own encryption scheme. Use a generally available bit of freeware (veracrypt is the spiritual successor to truecrypt and is pretty easy to use). Security through obscurity is worthless, a well made encryption scheme should be impervious to someone knowing the details of it, knowing the salt length,number of hashes and whether its Sha-1 won't help. If they are sophisticated enough to be using a side- channel attack to get the info off your computer, a home-brew system will pose no obstacle.
Schneier's law: "any person can invent a security system so clever that she or he can't think of how to break it"
Having said that, LastPass isn't particularly insecure.Unless they are keeping your passwords in plaintext (they aren't) then stealing an encrypted vault isn't hugely useful. It's not ideal of course, since in the next 20+ years computing power may actually allow for a successful attack on the files, but that is the trade off, security for convenience. ____________________ I tell you what, mathematically, I'm having it |
|
Back to top |
|
You must be logged in to rate posts |
|
|
Old Thread Alert!
The last post was made 6 years, 325 days ago. Instead of replying here, would creating a new thread be more useful? |
|
|
|