If you invited me to try and crack your password, you know the one that you use over and over for like every web page you visit, how many guesses would it take before I got it?
Let’s see… here is my top 10 list. I can obtain most of this information much easier than you think, then I might just be able to get into your e-mail, computer, or online banking. After all, if I get into one I’ll probably get into all of them.
Read more
Loading..
This is Ubuntu/Debian specific and might differ in other Linux distributions.
So, you come back after a long vacation and don't remember your password ? Just change the password!
1. Reboot the system and Press Esc to enter the GRUB menu
2. Choose the menu option in which you see the "recovery" option of the latest kernel
3. Let your system boot and you will see a root shell soon
4. Change your password ! using passwd
5. You are done! Reboot and use your new password!
Loading..
If you use different passwords for different authentication systems, and you come back from a fairly long vacation, I am sure you would have felt the need for password manager to manage all your passwords :)
Traditionally, you would use Password Manager on your existing system, use a Master Password to access control to your list of passwords - its not secure at all - your system might be prone to attacks from viruses, worms that might destroy your system. Even your passwords list file might be accessible to someone who is smart enough to actually work on it show up your passwords. All said, we can say, its not the safest way to manage your passwords
Recently, there is a trend which has emerged which lets you store your passwords safely by using some very interesting technologies. These password managers allow you to access your passphrase from any browser and access your password lists.
It is important to know how exactly these password managers work and the following illustration gives a fair idea of it
From the above illustration which shows only the decryption part, your data is NEVER stored on the server in a plain format which can be even manipulated or read by even the System Administrators of the server. All the server does is send in encrypted data to a ENVIRONMENT in your browser where data is either encrypted or decrypted based on whether you are saving a new password or reading an existing password.
These password managers usually use one of the strongest encryption methods - AES (Advanced Encrpytion Standard) and is very safe from man-in-the-middle attacks.
Two online password managers which use the above techniques and which you can use would be
Passlet - www.passlet.com
and
Passpack - www.passpack.com
I had tried Passlet couple of months back, and got to know about Passpack recently. First glance, Passpack definitely seems to have better user interface.
Go ahead and create your online password manager account today - both of them are Free!
Loading..
Passlet is an online password manager. Unlike other password managers, it does not require you to disclose your master password to anyone, including its own server.
Passlet is unique in its approach: it allows you to access your passwords from any browser in the world while at the same time making your information impossible to read outside that browser. It does this by performing all encryption and decryption operations within the browser itself, making sure that your password and derived encryption key never leave your computer. It is therefore imperative that you use a trusted computer to access Passlet.
Get an account
Loading..
Loading..
We had discussed ssh-agent to do passphraseless logins, but you still have to enter your passphrase when you logout and ssh-agent doesn't work with cron jobs as well
So, what you do is setup ssh-agent and then use keychain to keep your SSH passphrases alive till you reboot
Install keychain & add the following likes to your bash profile (.bash_profile)
keychain id_dsa
. ~/.keychain/$HOSTNAME-sh
Use the real name of your private key: id_rsa, my_key. Be sure to use the leading dot on the second line which tells your shell to read the file named on the line.
That's all you have to do. Now, when you log in, you get a keychain prompt, asking for the passphrase of your key.
You'll enter the passphrase for each one at system login. Then keychain will handle authentications even if you logout and login. You will have to redo it when you restart you system though.
Loading..
