Supplemental Resources and Links for Episodes #4 & #5

Resource links for Security Now! Episodes #4 & #5:

Personal Password Policies
Parts I and II

This is a list of recommendations and favorite passwords-related utilities suggested by listeners of Security Now! #4 & #5.

 Bruce Schneier's Password Safe – This is a very popular and very secure solution for storing passwords. The Original Version needs no installer.

 PINs Secure Passwords Manager — This is a free and feature-rich open source windows password manager. It's a terrific solution for those who want to carry a USB flash drive, since it requires NO installation and can run directly from a flash drive with its data files located in the same place. It uses 448-bit Blowfish encryption and is available in a great many language variations.

 KeePass – This is a free, open-source, light-weight and easy-to-use password manager. It uses the extremely strong AES and TwoFish ciphers to secure its password database.

 PwdHash – Web-based password hashing for Mozilla Firefox, from Standard University Security Lab. Here is a javascript-based web page that generates the same hash as PwdHash would.

 Personal Passworder – A popular commercial ($14.95 or $19.95 USD) safe for storing passwords and other personal data.

 MobilePad – An inexpensive ($4.30 or $8.99 USD) utility for storing passwords in a cell phone.

 RoboForm – Free and Commercial ($29.95 USD) versions of this top-rated password manager and web form filler that completely automates password entering and form filling. RoboForm also offers the "Pass2Go" USB key for storing passwords and solutions for Internet Explorer, Mozilla Firefox, Pocket PC, Palm

 Obliette – This open-source solution was created by its author because none of the other existing tools did exactly what he wanted. So he created "Obliette" to be more functional, easier to use, and no less secure than any competing product.

 got password? – This is a seemingly nice and somewhat generic password generator. However it uses the 128-bit strong RC4 encryption algorithm. Unfortunately, since RC4 is a pseudo-random sequence generator, it is not secure in this application when a single encryption key is used for the repetitive encryption of multiple passwords. This is a common mistake, and in fact it was made by the designers of the original badly-broken WEP encryption for WiFi wireless networks. You should probably avoid using this tool.

 PasswordMaker – This is a small, lightweight, free extension for Firefox, Mozilla, and Netscape (Internet Explorer support coming soon). It creates unique, secure passwords that are very easy to retrieve. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen.

 Strip –S.T.R.I.P. stands for "Secure Tool for Recalling Important Passwords". It is a free, open-source, GNU password and account manager for the Palm Computing Platform.

 Access Manager – This is a free (for personal use) and affordable for commercial use ($24.95) password safe which is unlocked with a single master password. It is available in Dutch, German, and English.

 Password Wallet – This is a Palm-to-Macintosh password safe and synchronization solution. Both the Palm and Mac sides of the application encrypt their password databases with quite strong 448-bit BlowFish encryption.

 Passwords Plus – This is a comprehensive set of utilties for storing, managing, and encrypting password collections on PC, Laptop, Macintosh, Palm, Pocket PC, or Smartphone.


Jump to top of page
Gibson Research Corporation is owned and operated by Steve Gibson.  The contents
of this page are Copyright (c) 2016 Gibson Research Corporation. SpinRite, ShieldsUP,
NanoProbe, and any other indicated trademarks are registered trademarks of Gibson
Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy.
Jump to top of page

Last Edit: May 04, 2013 at 17:12 (1,683.24 days ago)Viewed 4 times per day