Re: KeePass


erik burggraaf <erik@...>
 

Remembering passwords is something of a security risk. Unfortunately, the various rules and regulations around passwords mean you have too many passwords to remember and they're frequently obscure. Also, it's common for people to have more than one device. Some people even have three or four devices. Modern browsers remember your passwords across devices, which is too hellishly convenient for words.

Fortunately on Modern devices, it is usually possible to attach your keychain to a fingerprint. When you have to swipe your print in order to get your password entered, the security risk is substantially reduced.

On July 25, 2017 11:27:07 AM "Gene" <gsasner@...> wrote:

I've seen different articles that advise against having browsers remember passwords as a security risk. 
 
Gene
----- Original Message -----
Sent: Tuesday, July 25, 2017 10:21 AM
Subject: Re: [nvda] KeePass

I've failed miserably to get Firefox to remember passwords. I'm obviously
not doing it right.
 Brian

bglists@...
Sent via blueyonder.
Please address personal email to:-
briang1@..., putting 'Brian Gaff'
in the display name field.
----- Original Message -----
From: "Quentin Christensen" <quentin@...>
To: <nvda@nvda.groups.io>
Sent: Tuesday, July 25, 2017 11:35 AM
Subject: Re: [nvda] KeePass


> There are a number of ways of keeping track of passwords:
> - Most browsers will offer to remember passwords for you.  This may be
> local, or on the cloud (If you log in to either FireFox or Chrome, I know
> they can remember your favourites / bookmarks across devices, and I think
> passwords as well).
> - There are dedicated programs (such as Keepass) which will keep your
> passwords in one place, locally.
> - There are also dedicated programs that will keep your passwords online
> so
> you can easily access them across devices
> - Or you can keep them manually (either in your head, on a notepad or
> recorded by the PC or on a file in say, notepad ON the PC).
>
> Which way you go really is personal choice.  I prefer an option like
> Keepass which keeps the passwords locked up but in a local file, so it's
> harder for anyone who shouldn't to get access to it.  Cloud based
> solutions
> have the benefit of easy access across devices, but as has already been
> demonstrated, there is the potential for them to be hacked and then you
> could potentially lose, or have to replace ALL your passwords (LastPass -
> a
> cloud based password service, got hacked last year).
>
> Using a password manager also has the benefit of being able to generate
> random passwords - and because they're being kept in the program, they can
> be easily made unique and complex for every site.  Using your browser is
> convenient for a lot of people, though they often don't offer that
> service,
> you still have to create a password.
>
> On Tue, Jul 25, 2017 at 4:45 PM, nasrin khaksar <nasrinkhaksar3@...>
> wrote:
>
>> hi travis and quentin.
>> thanks so much for your comments.
>> whats the different between password manager programs and usual way
>> which we enter password manually?
>> is it possible for users that dont save any informations in there
>> browsers to use such program?
>> what does it do for us?
>> thanks again, God bless you and i sincerely pray for you every day.
>>
>> On 7/25/17, Kwork <istherelife@...> wrote:
>> > Thank you, Quentin. That's one of the reasons I became attracted to the
>> idea
>> > of it, that it's free and open sourced. No, it doesn't use the cloud or
>> > servers such as LastPass and other competitors, but that's not
>> > foolproof
>> > anyway as my LastPass account was hacked recently based on a supposedly
>> 100%
>> > secure master password, and I spent a good day or two changing all my
>> > passwords as a result, and doing my best to convince Netflix that, no,
>> > I
>> did
>> > not live in Brazil, and that I did speak English, not Spanish, and live
>> in
>> > the US. What a mess. I'm just glad it wasn't more costly than that.
>> > Travis
>> > ----- Original Message -----
>> > From: Quentin Christensen
>> > To: nvda@nvda.groups.io
>> > Sent: Monday, July 24, 2017 9:41 PM
>> > Subject: Re: [nvda] KeePass
>> >
>> >
>> > As a bonus, Keepass is free and open source, so you can try both and
>> > keep
>> > whichever one you like.  Note you can import Keepass 1.x files into
>> Keepass
>> > 2.x but not the other way around (as Keepass 2 has more features):
>> > http://keepass.info/help/v2/version.html
>> >
>> >
>> > Regards
>> >
>> > Quentin.
>> >
>> >
>> > On Tue, Jul 25, 2017 at 2:32 PM, Kwork <istherelife@...> wrote:
>> >
>> >   Thank you Quentin. It appears that v1 and v2 are a matter of user
>> choice,
>> > and that both are accessible enough. I'll take a look at both and
>> decide. V1
>> > might be enough as my needs are basic.
>> >   Travis
>> >   ----- Original Message -----
>> >   From: Quentin Christensen
>> >   To: nvda@nvda.groups.io
>> >   Sent: Monday, July 24, 2017 8:43 PM
>> >   Subject: Re: [nvda] KeePass
>> >
>> >
>> >   Hi Travis,
>> >
>> >
>> >   I use KeePass version 1 and find it quite good.  There are a couple
>> > of
>> > unlabelled buttons.  The main ones I use which aren't labelled are one
>> tab
>> > after the first password field is "show password", and the one after
>> > the
>> > second password field is to generate a password.  Other than that,
>> > everything works fine with NVDA.
>> >
>> >
>> >   Just reading through the documentation for you, it does say: "
>> >     a.. [2.x] Accessibility: KeePass 2.x features an advanced option
>> > that
>> > explicitly optimizes the user interface for screen readers."
>> >
>> >
>> >   I initially chose V1 because I didn't need any of the extra features
>> > in
>> > V2: http://keepass.info/compare.html
>> >
>> >
>> >   So it might be that V2 is even more accessible, although in fact, V1
>> isn't
>> > that far off.
>> >
>> >   Regards
>> >
>> >
>> >   Quentin.
>> >
>> >
>> >
>> >
>> >
>> >
>> >   On Tue, Jul 25, 2017 at 8:32 AM, Kwork <istherelife@...> wrote:
>> >
>> >     It seems that there was a recent discussion of KeePass on this
>> > list,
>> but
>> > don't remember for sure as we've been dealing with moves and other
>> personal
>> > stuff, so emails didn't always get kept or read. If I'm remembering
>> right,
>> > how accessible is it with NVDA. I think I also remember reading
>> > somewhere
>> > that there are two active releases of the program, a version 1 and a
>> version
>> > 2. Is one better than the other for us? Thanks so much for any advice
>> > and
>> > help.
>> >     Travis
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >   --
>> >
>> >   Quentin Christensen
>> >   Training and Support Manager
>> >
>> >
>> >   Basic Training for NVDA & Microsoft Word with NVDA E-Books now
>> available:
>> > http://www.nvaccess.org/shop/
>> >
>> >
>> >   Ph +61 7 3149 3306
>> >   www.nvaccess.org
>> >   Facebook: http://www.facebook.com/NVAccess
>> >   Twitter: @NVAccess
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > --
>> >
>> > Quentin Christensen
>> > Training and Support Manager
>> >
>> >
>> > Basic Training for NVDA & Microsoft Word with NVDA E-Books now
>> > available:
>> > http://www.nvaccess.org/shop/
>> >
>> >
>> > Ph +61 7 3149 3306
>> > www.nvaccess.org
>> > Facebook: http://www.facebook.com/NVAccess
>> > Twitter: @NVAccess
>> >
>> >
>>
>>
>> --
>> we have not sent you but as a mercy to the creation.
>> holy quran, chapter 21, verse 107.
>> in the very authentic narration is:
>> imam hosein is the beacon of light and the ark of salvation.
>> best website for studying islamic book in different languages
>> al-islam.org
>>
>>
>>
>>
>
>
> --
> Quentin Christensen
> Training and Support Manager
>
> Basic Training for NVDA & Microsoft Word with NVDA E-Books now available:
> http://www.nvaccess.org/shop/
>
> Ph +61 7 3149 3306
> www.nvaccess.org
> Facebook: http://www.facebook.com/NVAccess
> Twitter: @NVAccess
>



Join nvda@nvda.groups.io to automatically receive all group messages.