• Follow us on Twitter
  • Subscribe to our RSS Feed
  • Search Site

  • Home
  • About
  • Contact

You are here: Jorge Orchilles / IT / Cross Platform Password Management

Cross Platform Password Management

Permalink
17 Mar 2011 / 0 Comments / in IT, Security/by Jorge Orchilles

Every information security professional will tell you to use different passwords for every site. This is because if one site gets compromised and your password is cracked then the attacker can log into every site you use. The biggest complaint consumers have with using different passwords is remembering them all; now you don’t have to. Reading 59 Open Source Tools That Can Replace Popular Comercial Software, they suggest three Password Management solutions. Only one of these suggestions will work across different platforms (operating systems). If you are unfamiliar with password management please review the basics of password management. We will be discussing the desktop solution. I am not focusing on hosted/web solutions like LastPass as I do not trust a single site with all my passwords however here is a great write up by Steve Gibson as to why you should trust LastPass.

This post will focus on using a password management system across multiple operating systems: Windows, Mac OS X, and Linux. I will be using KeePassX for password management and DropBox for syncing across multiple devices. If you only use Windows you can use KeePass or Password Safe with DropBox, the process is similar.

First, create a DropBox account (free for 2GB), and install the application on your computers. They have support for Windows, Mac OS X, Linux, and smart phones.  Make sure to note where you placed the DropBox folder. Inside the DropBox folder, create another folder and call it “Safe” or whatever you want for your password file.

Next download KeePassX for the operating system being used. Extract the directory to your Applications directory. On Windows this is most likely C:\Program Files\KeePassX. Open KeePassX and select File-New. You will be creating the new database file. You can select to use a master password and/or a key file. I suggest always using a master password that is a very complex password (or phrase) that you do not use ANYWHERE else. Retype the password when prompted. Now before adding anything to the file, select Save. Choose the folder within the DropBox folder you created.

The basic setup is complete, now repeat the step on all your systems. Ensure you can open the KeePassX file on all your systems. You can only write to the file on one system at a time, so if you try to open the file that is already open it will prompt you to open as read only.

Once all your systems have Dropbox and KeePassX installed you are ready to start filling the database. Take this time to change your passwords on all your sites and ensuring you are using unique passwords on each web site.

Till next time,
Jorge Orchilles

Tags: Management, Passwords, Security

Related Posts

Did you like this entry?
Here are a few more posts that might be interesting for you.
Related Posts
Making Twitter More Secure: HTTPS
Blackhat Europe 2011 Recap
Facebook – Download your Information
SSL Renegotiation DOS FAQ
WP8 App Security – Part 2 Prerequisites
Introduction to Nessus
Windows 7 Security Presentation
Emerging Threats to Infrastructure
BackTrack 4 R2 – Technical Workshop for South Florida ISSA

Comments are closed.

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Categories

  • IT
  • Mobile
  • Security
  • Videos
  • WP8

Latest Videos

  • BackTrack 4 R2 – Technical Workshop for South Florida ISSAFebruary 21, 2011, 10:52 pm
  • Virtual Machine Escape by NSA (video)February 16, 2011, 5:06 pm
  • Windows 7 Security VideoSeptember 21, 2009, 9:35 pm
Popular
  • Windows 7 and VMWare vSphere Client 4July 30, 2009, 5:03 am
  • SSL Renegotiation Denial of ServiceMarch 13, 2011, 9:40 am
  • BackTrack 4 R2 – Technical Workshop for South Florida...February 21, 2011, 10:52 pm
  • Windows 7 Security VideoSeptember 21, 2009, 9:35 pm
Recent
  • Missing Security Features in Windows Phone 8January 7, 2014, 11:14 am
  • WP8 App Security – Part 5 Capturing HTTP and HTTPS TrafficJanuary 3, 2014, 9:08 am
  • WP8 App Security – Part 4 Information GatheringJanuary 2, 2014, 12:34 pm
  • WP8 App Security – Part 3 XAP FileDecember 31, 2013, 11:29 am
Comments
  • […] testing a mobile app, a tester often wants to...January 3, 9:08 am by Jorge Orchilles | Missing Security Features in Windows Phone 8
  • […] three posts in this series were an introduction...December 31, 11:29 am by Jorge Orchilles | WP8 App Security – Part 4 Information Gathering
  • […] first three posts in this series were an introduction...December 30, 5:19 pm by Jorge Orchilles | WP8 App Security – Part 4 Information Gathering
  • […] first three posts in this series were an introduction...December 30, 2:52 pm by Jorge Orchilles | WP8 App Security – Part 4 Information Gathering
Tags
2008 3479 Action Center Apple AppLocker AT&T BackTrack BitLocker Blackhat Browser Chrome Denial of Service Emerging Threats Facebook Firefox HTTPS IE 8 IE9 Internet Explorer Keynote Management Microsoft Nessus nmap Passwords Penetration Testing Presentation Privacy R2 Security Service Pack 1 SP1 SSL SSL Renegotiation Talks U-Verse UAC Video Virtualization Vulnerability Assessment Windows 7 Windows Phone 8 Windows Server WP8 XP Mode

Archives

  • January 2014
  • December 2013
  • November 2013
  • August 2011
  • April 2011
  • March 2011
  • February 2011
  • October 2010
  • September 2010
  • August 2010
  • April 2010
  • March 2010
  • January 2010
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • February 2009
739Follower

Search

© Copyright - Jorge Orchilles - Design by: hellodmcs
  • scroll to top
  • Follow us on Twitter
  • Subscribe to our RSS Feed