1 |
chrome://messenger/locale/messengercompose/composeMsgs.properties: |
2 |
> |
3 |
> On 28 Nov 2009, at 22:03, Dale wrote: |
4 |
>> ... |
5 |
>> And to think I came here to ask others opinion BEFORE doing this. I |
6 |
>> was curious as to how this could work myself and if they can be |
7 |
>> trusted, or SHOULD be trusted. Seems everyone thinks no one should. |
8 |
> |
9 |
> |
10 |
> Everyone's yakking it up because it makes them look clever. |
11 |
> |
12 |
> There's no reason encrypted data can't be stored on the server, then |
13 |
> decrypted client-side in the web-browser or by using Java (or possibly |
14 |
> even Javascript). |
15 |
> |
16 |
> That's not saying it IS secure, just that such an infrastructure |
17 |
> should be possible, as much as we consider things like ssh, https &c |
18 |
> to be "secure". |
19 |
> |
20 |
> The "Why LastPass is safe" page <https://lastpass.com/safety.php> is |
21 |
> indeed bullet-points for idiots, and if that was the only information |
22 |
> available on the site then I, too, might be more suspicious. If you |
23 |
> look at the "Technology" summary on the site it looks far more |
24 |
> reasonable: <https://lastpass.com/technology.php>. Perhaps some other |
25 |
> commenters should have read this before posting? |
26 |
> |
27 |
> Would I trust LastPass with child porn or incriminating information |
28 |
> regarding my plans to overthrow the government? |
29 |
> No, I really think not. |
30 |
> |
31 |
> Would I trust it with my bank details and my Slashdot password? |
32 |
> Why not? Those really aren't valuable enough to be worth hacking and |
33 |
> SSL, AES & RSA ought to be plenty enough to secure them. |
34 |
> |
35 |
> Stroller. |
36 |
> |
37 |
|
38 |
This is one reason I thought about using something like this. If I use |
39 |
something that would remember my passwords and type them in for me, then |
40 |
I can use really really strong passwords. You know, passwords like |
41 |
this: !#sd78826=+C0945z$& I'm not saying that is uncrackable but it |
42 |
would take a hacker a while to guess that thing. Me, I go to my bank |
43 |
site a lot so I don't want to have to type something like that in each |
44 |
time I go there. Having something that remembers them and types them in |
45 |
for me would be nice. Tho I would prefer it be local to me and not |
46 |
across the internet. |
47 |
|
48 |
Before someone says that someone can steal my puter, well, they are |
49 |
stored here now anyway. Seamonkey does it for me for most sites. I |
50 |
have the others on post it notes stuck to my monitor. I don't type in |
51 |
my login/password every time I got to the forums or some other site. |
52 |
So, if they steal my puter, they can access whatever they want then |
53 |
anyway. They can boot up with /bin/bash, change the passwords and then |
54 |
access whatever they want. We always tell people physical access trumps |
55 |
about anything else. |
56 |
|
57 |
Since my bank changed their website which doesn't let password manager |
58 |
in Seamonkey work like it used to, I shortened my password, a LOT. I |
59 |
made it something I could type in easier and faster, even in the dark. |
60 |
So by them doing that, it actually made mine less secure. Of course, |
61 |
the bank assumes a lot of that responsibility since they have a $0 risk |
62 |
to me. So, if someone guesses the password, they are on the hook for |
63 |
it. I would like to avoid the hassle tho if I could. |
64 |
|
65 |
Another situation I was thinking about. Let's say it is as secure as |
66 |
they CLAIM it to be. If someone stole my puter, I could go to lostpass |
67 |
and change the master password or just close the account. Then even my |
68 |
computer would be useless to them. From my understanding you have to |
69 |
type in the master password from time to time. If it is changed through |
70 |
the website, I'm sure it would require it to be re-entered. |
71 |
|
72 |
So, another question. Is there a tool that is local and would do |
73 |
something like this? I am using Seamonkey 2.0 nowadays. It seems to |
74 |
have some tools available to it that the old Seamonkey doesn't. |
75 |
|
76 |
Dale |
77 |
|
78 |
:-) :-) |