Security Basics mailing list archives
RE: securing password list
From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 24 Mar 2004 09:26:37 -0800
"Fireproof" boxes are rated in terms of how long materials inside will survive a typical building fire outside. I think two hours for a sheet of paper is a pretty typical performance range -- less is probably a poor value, and more can cost mucho more. David Gillett
-----Original Message----- From: Jeremy McBane [mailto:Jeremy () devcocomputers com] Sent: Tuesday, March 23, 2004 10:15 AM To: security-basics () securityfocus com Subject: RE: securing password list In reference to a fireproof box, what kind of media is not vulnerable to melting within from the intense heat? -- Jeremy McBane Devco Computers Jeremy () devcocomputers com 337.993.3212 -- -----Original Message----- From: Josh Mills [mailto:JMills () cnbwaco com] Sent: Friday, March 19, 2004 7:17 PM To: Dan Denton; beevoo8 () hotmail com; security-basics () securityfocus com Subject: RE: securing password list I have a similar setup, I have an off network linux box behind two secured doors and i make a weekly backup that is stored in an offsite fireproof box along with all of my other backup tapes. -----Original Message----- From: Dan Denton [mailto:ddenton () PAYLESSOFFICE com] Sent: Friday, March 19, 2004 12:02 PM To: beevoo8 () hotmail com; security-basics () securityfocus com Subject: RE: securing password list I keep out password lists in an off-network linux box in a secured room, for which only I know the password. Of course if anyone else gains access to the room they could snag the whole CPU, but it's unlikely here. I also keep a weekly backup on floppy in a locked firesafe. -----Original Message----- From: beevoo8 () hotmail com [mailto:beevoo8 () hotmail com] Sent: Thursday, March 18, 2004 11:52 AM To: security-basics () securityfocus com Subject: securing password list In my job I have a number of username/passwords to various websites and machines that I must keep track of. I was soliciting ideas on how to store these passwords securely. Encrypting them with a passphrase seems counterproductive since the file may not be accessed for a while and the passphrase might be forgotten. Would biometrics be a safer idea? What security methods do you use to secure a list such as this? Any suggestions would be appreciated. -------------------------------------------------------------- ---------- --- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------- ---------- ---- -------------------------------------------------------------- ------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------- -------------- -------------------------------------------------------------- ------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------- -------------- --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.639 / Virus Database: 408 - Release Date: 3/22/2004 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.639 / Virus Database: 408 - Release Date: 3/22/2004 -------------------------------------------------------------- ------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------- --------------
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- securing password list beevoo8 (Mar 19)
- Re: securing password list Joerg Over Dexia (Mar 22)
- Re: securing password list Steven Joerger (Mar 22)
- Re: securing password list E.Kellinis (Mar 22)
- <Possible follow-ups>
- RE: securing password list Dan Denton (Mar 19)
- Re: securing password list Michael Gale (Mar 22)
- Re: securing password list E.Kellinis (Mar 22)
- RE: securing password list Josh Mills (Mar 22)
- RE: securing password list Andrew Shore (Mar 22)
- RE: securing password list Jeremy McBane (Mar 24)
- RE: securing password list David Gillett (Mar 25)
- RE: securing password list Fahr, Sam@HHSDC-SFIS (Mar 25)