CI Staff .


Tom Jones from TX posted over 3 years ago:

How do you verify that the first order of business is not to send unencryptable passwords to some cybercriminal? Published open source may be a requirement.

Tom Jones from TX posted over 3 years ago:

I stand corrected. I went to the website and the first thing they said is that they are open sourc.

David Wolf from PA posted over 3 years ago:

OK. I'm clueless. Does Open Source, and the requirement thereof, represent a danger for users of the software?

Tom Jones from TX posted over 3 years ago:

Open Source means that the user is free to examine the code that was used to construct the application. There is no way to hide "trap doors" or other secret connections that you don't want to exist. An alternative is to try to monitor outbound communication, but that may be very hard, akin to picking out a straw in a torrent of hay.

Open Source is a good thing, and a pretty basic security requirement. The other problem is to prove that the application really was built from the source code provided.

Chandra from NC posted over 3 years ago:

I have been using Keepass at home & work for at least 5 years, and very happy with it. I keep looking for alternatives once in a while, but could not find anything that is free, and does a better job than Keepass. If you do not feel comfortable (like me) storing passwords on online platforms such as Lastpass, this is a much better option for local storage.

nordron from CO posted over 3 years ago:

I use an EXCEL file with a password to store my passwords that I generate with the random function. I don't see the need for a special program for something this simple.

Fred from Lake Okeechobee posted over 3 years ago:

I've used keepass for 3-5 years and love it. Previously I had moved from a TXT file to Excel. Keepass imported the Excel export CSV file without problem. It allows fine grain control of random passwords generated, e.g., number and allowed characters, etc. It has a multitude of bells and whistles that I now wonder how one lived without them.
I also use the Android app on my smartphone. It can only read (not modify) the 2.x password data file. Previously I was going to a PC to change the password to something easy to type, entering it on my phone, then going back to my PC to restore the original random password.
If you are remotely interested in keepass, download it and try it out to get a feel for it.

Leamon Lorance from IN posted over 3 years ago:

I tried downloading the portable version and got the message 'folder compressed is invalid or corrupt'. Any ideas?

Sorry, you cannot add comments while on a mobile device or while printing.