http://blogcritics.org/ A sinister cabal of superior bloggers on music, books, film, popular culture, politics, and technology - updated continuously. en Copyright 2002-2006 by the authors Mon, 8 Dec 2003 11:09:57 EST http://backend.userland.com/rss Blogcritics.org custom software http://blogcritics.org/archives/2003/12/08/015316.php#comment-31836 yes but (i should've been clearer here) 1) you can get free password generators that are actually rather good. Try googling it (googling "password generator" yields 88200 results) (but don't google "free password generator as stupid spam sites appear at the top results) 2) internet explorer will store web passwords. 3) if the encryption used was a good, well-known and well-tested one, i would expect it to be named. i am naturally suspicious of programs that boast of having encryption but don't say what algorithm(s) is(are) used, basically for the same reasons as mentioned in the Secrets And Lies... book So, buying this software would mean forking out $30 for stuff that can easily be done for free already. I know there is other software like this that does stuff that can be done for free, but if it saves alot of time then that's ok. However using this one program instead of a password generator and IE won't save alot of time and, more importantly, security is an issue we should all take more time and care over. ]]> 31836@blogcritics.org Mon, 8 Dec 2003 11:09:57 EST http://blogcritics.org/archives/2003/12/08/015316.php#comment-31826 Interesting observations, jadester. How many people do you think have the Java programming skill to create their own password protection and generation utility? Would you not be part of a small minority of the larger number of people that need password management? As per the wisdom of having all your passwords in one file, well it's a question of trade offs: file them or risk losing them. You could create different user accounts for high, medium and low security passwords if you like. The article assumes that you want someplace to store those growing number of passwords we all create for our growing list of web services we use. You could store them online somewhere, but you're just adding another layer of possible risk. If you run a decent firewall, spy-bot cleaner and virus scanner storing them on your hard drive is as good as it gets. ]]> 31826@blogcritics.org Mon, 8 Dec 2003 08:17:54 EST http://blogcritics.org/archives/2003/12/08/015316.php#comment-31820 i'm sorry but no, i wouldn't fork out $30 for that when i could code most of those features in Java in a day or two. I notice it doesn't mention what encryption algorithm is used - have a read of the second book down (Secrets And Lies) and you'll see that encryption really doesn't equal security. i'd question the wisdom of having ALL of your web passwords stored in one file (especially e.g. if you do online banking) as once the file is stolen and cracked you have to change all of them (and run the risk of losing all those accounts to the hacker) ]]> 31820@blogcritics.org Mon, 8 Dec 2003 05:07:53 EST