Password managers

classic Classic list List threaded Threaded
19 messages Options
Reply | Threaded
Open this post in threaded view
|

Password managers

Dave Howorth-3
Anton's question about password generators set me thinking.

Do people use password managers on openSUSE and why or why not?

If you do use one, which one?

Cheers, Dave

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Per Jessen
Dave Howorth wrote:

> Anton's question about password generators set me thinking.
>
> Do people use password managers on openSUSE and why or why not?
>
> If you do use one, which one?

We use our own when generating temp passwords for customers.



--
Per Jessen, Zürich (18.4°C)
http://www.hostsuisse.com/ - virtual servers, made in Switzerland.


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

James Knott
In reply to this post by Dave Howorth-3
On 08/12/2017 01:26 PM, Dave Howorth wrote:
> Anton's question about password generators set me thinking.
>
> Do people use password managers on openSUSE and why or why not?
>
> If you do use one, which one?
>
Sticky Notes on the monitor.  ;-)

Just kidding.


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Richmond-2
In reply to this post by Dave Howorth-3
I use lastpass.

--
~


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Dave Howorth-3
In reply to this post by James Knott
On Sat, 12 Aug 2017 13:58:13 -0400
James Knott <[hidden email]> wrote:

> On 08/12/2017 01:26 PM, Dave Howorth wrote:
> > Anton's question about password generators set me thinking.
> >
> > Do people use password managers on openSUSE and why or why not?
> >
> > If you do use one, which one?
> >  
> Sticky Notes on the monitor.  ;-)

At work, I found using 123456 as my root password saved the insecurity
of sticky notes :)

> Just kidding.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Dave Howorth-3
In reply to this post by Richmond-2
On Sat, 12 Aug 2017 20:12:04 +0100
Richmond <[hidden email]> wrote:

> I use lastpass.

Thanks.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Gustav Degreef
On 08/12/2017 11:08 PM, Dave Howorth wrote:
> On Sat, 12 Aug 2017 20:12:04 +0100
> Richmond <[hidden email]> wrote:
>
>> I use lastpass.

I use the password manager built into firefox.  For non-website
passwords I use fpm2 (figaro's password manager) just because I've used
it for years, it's hard to migrate to another.  Gustav.



--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

David C. Rankin
In reply to this post by Dave Howorth-3
On 08/12/2017 12:26 PM, Dave Howorth wrote:
> Anton's question about password generators set me thinking.
>
> Do people use password managers on openSUSE and why or why not?
>
> If you do use one, which one?
>
> Cheers, Dave

Yes, there is only one to use, keepassx.

On 42.2 I have

$ rpm -q keepassx
keepassx-0.4.3-9.1.x86_64

I specifically have a zypper lock on it to prevent version upgrade to the 2?
version (it's works, I'm just not as fond of the layout).

keepassx is available for Linux with builds on windows and iphone, so it is
quite convenient. I have used it for probably a decade (or more). It has many
good features that you won't find in other and -- you have the source :)

--
David C. Rankin, J.D.,P.E.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Carlos E. R.-2
On 2017-08-13 00:37, David C. Rankin wrote:

> On 08/12/2017 12:26 PM, Dave Howorth wrote:
>> Anton's question about password generators set me thinking.
>>
>> Do people use password managers on openSUSE and why or why not?
>>
>> If you do use one, which one?
>>
>> Cheers, Dave
>
> Yes, there is only one to use, keepassx.
keepassxc

It is a fork where the devs are more active, it seems.

Wikipedia:

+++---------------
KeePassX started as a Linux port of KeePass[2] , which was at that time
an open source but Windows-only password manager. Both are now cross
platform, with KeePassX using Qt libraries and recent versions of
KeePass using .NET / Mono.[3]

It is built using version 4.8 of the Qt libraries, making it a
multi-platform application, which can be run on Linux, Windows, and Mac
OS X.

KeePassX uses the KeePass 2 (.kdbx) password database format as the
native format. It can also import (and convert) the older KeePass 1
(.kdb) databases.[3]

There is community fork of KeePassX called KeePassXC.

---------------++-

+++---------------
KeePassXC started as community fork of KeePassX[2] due to what the
community considered to be very slow development of KeePassX, and the
unresponsiveness of its maintainer.[3]

It is built using version 5.2 of the Qt libraries, making it a
multi-platform application, which can be run on Linux, Windows, and macOS.

KeePassXC uses the KeePass 2 (.kdbx) password database format as the
native format. It can also import (and convert) the older KeePass 1
(.kdb) databases.
---------------++-

https://en.wikipedia.org/wiki/KeePassX
https://en.wikipedia.org/wiki/KeePassXC


One feature I noticed on the later is than when the screen locks, the
password database also locks. And noticed a bug: if it is not saved, it
doesn't lock.


--
Cheers / Saludos,

                Carlos E. R.
                (from 42.2 x86_64 "Malachite" at Telcontar)


signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Password managers

David C. Rankin
On 08/13/2017 02:17 PM, Carlos E. R. wrote:

> KeePassXC uses the KeePass 2 (.kdbx) password database format as the
> native format. It can also import (and convert) the older KeePass 1
> (.kdb) databases.
> ---------------++-
>
> https://en.wikipedia.org/wiki/KeePassX
> https://en.wikipedia.org/wiki/KeePassXC
>
>
> One feature I noticed on the later is than when the screen locks, the
> password database also locks. And noticed a bug: if it is not saved, it
> doesn't lock.
I'll have to check that out. I'm glad it has a fork that is in active
development. There are several options you can configure for save that may
avoid the fail to lock on unsaved. KeyPassX 1 has an

  [x] Automatically save database on exit and workspace locking

That still works as advertised on v1. Another great feature is the minimize to
systray instead of taskbar. The large text-box comment for each entry provides
a great place for additional information related to the entry. The export to
text or to xml (which can be then encrypted with gpg) makes for a handy backup
than is formatted well.

Originally, I had my kids provide me with all their online account
credentials, etc. which has saved a world of frustration when they come back
18 months later and ask "Dad, what was my password for xyz site...." Just like
an elephant -- it never forgets :)

--
David C. Rankin, J.D.,P.E.


signature.asc (484 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Dave Howorth-3
On Sun, 13 Aug 2017 15:23:50 -0500
"David C. Rankin" <[hidden email]> wrote:

> On 08/13/2017 02:17 PM, Carlos E. R. wrote:
> > KeePassXC uses the KeePass 2 (.kdbx) password database format as the
> > native format. It can also import (and convert) the older KeePass 1
> > (.kdb) databases.
> > ---------------++-
> >
> > https://en.wikipedia.org/wiki/KeePassX
> > https://en.wikipedia.org/wiki/KeePassXC
> >
> >
> > One feature I noticed on the later is than when the screen locks,
> > the password database also locks. And noticed a bug: if it is not
> > saved, it doesn't lock.  
>
> I'll have to check that out. I'm glad it has a fork that is in active
> development. There are several options you can configure for save
> that may avoid the fail to lock on unsaved. KeyPassX 1 has an
>
>   [x] Automatically save database on exit and workspace locking
>
> That still works as advertised on v1. Another great feature is the
> minimize to systray instead of taskbar. The large text-box comment
> for each entry provides a great place for additional information
> related to the entry. The export to text or to xml (which can be then
> encrypted with gpg) makes for a handy backup than is formatted well.
>
> Originally, I had my kids provide me with all their online account
> credentials, etc. which has saved a world of frustration when they
> come back 18 months later and ask "Dad, what was my password for xyz
> site...." Just like an elephant -- it never forgets :)
>

I'm curious why the only version available in the openSUSE 42.2
repository is keepassx 2.0.2? That isn't the latest version and is on
the supposedly 'dead' branch? I'd have thought a password manager was
the sort of software that needed to be kept up-to-date.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Dave Howorth-3
On Sun, 13 Aug 2017 22:15:49 +0100
Dave Howorth <[hidden email]> wrote:
> I'm curious why the only version available in the openSUSE 42.2
> repository is keepassx 2.0.2? That isn't the latest version and is on
> the supposedly 'dead' branch? I'd have thought a password manager was
> the sort of software that needed to be kept up-to-date.

I see there is https://software.opensuse.org/package/keepassxc but that
page requires Javascript. WTF! It's just using Javascript instead of CSS
to produce a multi-level menu. Don't SUSE have any competent
programmers any more? Why force Javascript on people just for menus?

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

David C. Rankin
On 08/13/2017 04:24 PM, Dave Howorth wrote:

> On Sun, 13 Aug 2017 22:15:49 +0100
> Dave Howorth <[hidden email]> wrote:
>> I'm curious why the only version available in the openSUSE 42.2
>> repository is keepassx 2.0.2? That isn't the latest version and is on
>> the supposedly 'dead' branch? I'd have thought a password manager was
>> the sort of software that needed to be kept up-to-date.
>
> I see there is https://software.opensuse.org/package/keepassxc but that
> page requires Javascript. WTF! It's just using Javascript instead of CSS
> to produce a multi-level menu. Don't SUSE have any competent
> programmers any more? Why force Javascript on people just for menus?
>

Err, sorry Dave, I forgot I build the 0.4.3 version myself.

rpm -qi keepassx
Name        : keepassx
Version     : 0.4.3
Release     : 9.1
Architecture: x86_64
Install Date: Mon 19 Dec 2016 06:06:45 PM CST
Group       : Productivity/Security
Size        : 3132751
License     : GPLv2
Signature   : (none)
Source RPM  : keepassx-0.4.3-9.1.src.rpm
Build Date  : Mon 19 Dec 2016 04:57:23 PM CST
Build Host  : wizard.3111skyline.com
Relocations : (not relocatable)
URL         : http://www.keepassx.org/
Summary     : KeePassX Cross Platform Password Manager
Description :
KeePassX is a free/open-source password manager or safe which helps you to
manage your passwords in a secure way. You can put all your passwords in one
database, which is locked with one master key or a key-disk. So you only have
to remember one single master password or insert the key-disk to unlock the
whole database. The databases are encrypted using the best and most secure
encryption algorithms currently known (AES and Twofish).
Distribution: (none)

It relies on nothing but qt4 and C++.

Unless there is a crack that effects AES and Twofish, then there is little
need for continual updates. You give it the pw, it creates the hash and unless
there is a crack for the hash, it is still good. Just like gpg, while there
are cracks for RSA, the time required to run against a 12 char password is
astronomical until we get quantum computing sorted out :)

I added the package to my buildservice account and have packages for
everything from 13.2 - Leap 42.3 available. (I disabled the 13.1 build, but it
will build fine)

http://download.opensuse.org/repositories/home:/drankinatty/

Give keepassx (the original 0.4.3 version) a look. You can always go to the
current version if you like (it will import the original file). For a number
of reasons, I've stayed with the original.

--
David C. Rankin, J.D.,P.E.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Koenraad Lelong
In reply to this post by Dave Howorth-3
Op 12-08-17 om 19:26 schreef Dave Howorth:
> Anton's question about password generators set me thinking.
>
> Do people use password managers on openSUSE and why or why not?
>
> If you do use one, which one?
>
> Cheers, Dave
>

I'm using keepass (version 2.36 on OpenSuse). On Opensuse, Windows and
Android.

Koenraad.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Bernhard Voelker
In reply to this post by Dave Howorth-3
On 08/12/2017 07:26 PM, Dave Howorth wrote:
> If you do use one, which one?

For some simple purposes (also on some servers):

  $ vi -x passwords.txt

Have a nice day,
Berny

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Carlos E. R.-2
On 2017-08-17 10:44, Bernhard Voelker wrote:
> On 08/12/2017 07:26 PM, Dave Howorth wrote:
>> If you do use one, which one?
>
> For some simple purposes (also on some servers):
>
>   $ vi -x passwords.txt

emacs passwords.gpg

:-)

It doesn't use temporary files on this use (some editors do).

--
Cheers / Saludos,

                Carlos E. R.
                (from 42.2 x86_64 "Malachite" at Telcontar)


signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Mark Goldstein
In reply to this post by David C. Rankin
On 13.08.2017 01:37, David C. Rankin wrote:
>> Do people use password managers on openSUSE and why or why not?
>>
>> If you do use one, which one?
>>
>> Cheers, Dave
> Yes, there is only one to use, keepassx.
>
There is pwsafe, developed with participation of well known Bruce
Schneier. It has Linux version, that is in beta, but quite advanced
one (v1.02). I tried to compile it, seems OK (at least without support
for Yubi two-way authentication. I used it in Windows. In Linux there
was also the old MyPasswordSafe that used older pwsafe db format
(.dat)

On Tue, Aug 15, 2017 at 8:26 PM, David C. Rankin
<[hidden email]> wrote:

> On 08/13/2017 04:24 PM, Dave Howorth wrote:
>> On Sun, 13 Aug 2017 22:15:49 +0100
>> Dave Howorth <[hidden email]> wrote:
>>> I'm curious why the only version available in the openSUSE 42.2
>>> repository is keepassx 2.0.2? That isn't the latest version and is on
>>> the supposedly 'dead' branch? I'd have thought a password manager was
>>> the sort of software that needed to be kept up-to-date.
>>
>> I see there is https://software.opensuse.org/package/keepassxc but that
>> page requires Javascript. WTF! It's just using Javascript instead of CSS
>> to produce a multi-level menu. Don't SUSE have any competent
>> programmers any more? Why force Javascript on people just for menus?
>>
>
> Err, sorry Dave, I forgot I build the 0.4.3 version myself.
>
> rpm -qi keepassx
> Name        : keepassx
> Version     : 0.4.3
> Release     : 9.1
> Architecture: x86_64
> Install Date: Mon 19 Dec 2016 06:06:45 PM CST
> Group       : Productivity/Security
> Size        : 3132751
> License     : GPLv2
> Signature   : (none)
> Source RPM  : keepassx-0.4.3-9.1.src.rpm
> Build Date  : Mon 19 Dec 2016 04:57:23 PM CST
> Build Host  : wizard.3111skyline.com
> Relocations : (not relocatable)
> URL         : http://www.keepassx.org/
> Summary     : KeePassX Cross Platform Password Manager
> Description :
> KeePassX is a free/open-source password manager or safe which helps you to
> manage your passwords in a secure way. You can put all your passwords in one
> database, which is locked with one master key or a key-disk. So you only have
> to remember one single master password or insert the key-disk to unlock the
> whole database. The databases are encrypted using the best and most secure
> encryption algorithms currently known (AES and Twofish).
> Distribution: (none)
>
> It relies on nothing but qt4 and C++.
>
> Unless there is a crack that effects AES and Twofish, then there is little
> need for continual updates. You give it the pw, it creates the hash and unless
> there is a crack for the hash, it is still good. Just like gpg, while there
> are cracks for RSA, the time required to run against a 12 char password is
> astronomical until we get quantum computing sorted out :)
>
> I added the package to my buildservice account and have packages for
> everything from 13.2 - Leap 42.3 available. (I disabled the 13.1 build, but it
> will build fine)
>
> http://download.opensuse.org/repositories/home:/drankinatty/
>
> Give keepassx (the original 0.4.3 version) a look. You can always go to the
> current version if you like (it will import the original file). For a number
> of reasons, I've stayed with the original.
>
> --
> David C. Rankin, J.D.,P.E.
>
> --
> To unsubscribe, e-mail: [hidden email]
> To contact the owner, e-mail: [hidden email]
>



--
Mark Goldstein

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Password managers

Bob Williams-3
In reply to this post by Carlos E. R.-2
On Sun, 13 Aug 2017 21:17:46 +0200
"Carlos E. R." <[hidden email]> wrote:

> On 2017-08-13 00:37, David C. Rankin wrote:
> > On 08/12/2017 12:26 PM, Dave Howorth wrote:  
> >> Anton's question about password generators set me thinking.
> >>
> >> Do people use password managers on openSUSE and why or why not?
> >>
> >> If you do use one, which one?
> >>
> >> Cheers, Dave  
> >
> > Yes, there is only one to use, keepassx.  
>
> keepassxc
>
> It is a fork where the devs are more active, it seems.
>
> Wikipedia:
>
> +++---------------
> KeePassX started as a Linux port of KeePass[2] , which was at that
> time an open source but Windows-only password manager. Both are now
> cross platform, with KeePassX using Qt libraries and recent versions
> of KeePass using .NET / Mono.[3]
>
> It is built using version 4.8 of the Qt libraries, making it a
> multi-platform application, which can be run on Linux, Windows, and
> Mac OS X.
>
> KeePassX uses the KeePass 2 (.kdbx) password database format as the
> native format. It can also import (and convert) the older KeePass 1
> (.kdb) databases.[3]
>
> There is community fork of KeePassX called KeePassXC.
>
> ---------------++-
>
> +++---------------
> KeePassXC started as community fork of KeePassX[2] due to what the
> community considered to be very slow development of KeePassX, and the
> unresponsiveness of its maintainer.[3]
>
> It is built using version 5.2 of the Qt libraries, making it a
> multi-platform application, which can be run on Linux, Windows, and
> macOS.
>
> KeePassXC uses the KeePass 2 (.kdbx) password database format as the
> native format. It can also import (and convert) the older KeePass 1
> (.kdb) databases.
> ---------------++-
>
Agreed. I use keepassxc on my desktop, keepass2Android on my phone and tablet, and syncthing to keep them all in sync.

Bob

--
Bob Williams
   System:  Linux 4.4.79-19-default
   Distro:  openSUSE 42.3 (x86_64)
   Desktop: KDE Frameworks: 5.32.0, Qt: 5.6.2 and Plasma: 5.8.7

attachment0 (836 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Password managers

sogal
In reply to this post by Dave Howorth-3
Hi all,

Le samedi 12 août 2017 à 06:26:51, Dave Howorth a écrit :
> Anton's question about password generators set me thinking.
>
> Do people use password managers on openSUSE and why or why not?
>
> If you do use one, which one?

Keepassx on laptop (with a unique database synchronized through self-hosted
Nextcloud instance)
Teampass at work

--
Sébastien 'sogal' Poher

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]