Re: [Lista Criptica] Just another password manager

Poista viesti

Lähettäjä: guifipedro
Vastaanottaja: list_criptica
Aihe: Re: [Lista Criptica] Just another password manager
I investigated a little bit (JUST LITTLE BIT OF TESTING, DO NOT TRUST.
Hope some day we will research deeply)

I found an alternative to buttercup:

this way you can import/export open/save keepass database (for me seems

a question is if buttercup manages concurrent users modifying the file
(keeweb does not do that, but facilitates its integration with a system
that manages that concurrency such as owncloud/nextcloud or webdav)

I cannot spend more time today, but I found a fork of keepassx that
seems great:

they have a web interface

I also liked the centralized/corporate approach of vault:

but at the moment I don't see how this can be applied to little groups
of activists

well, somehow:

about pass

today I tried what I could find about GUIs:
I liked! ->

On 06/09/2017 10:11 AM, kakak wrote:
> M... But the hard-drive encryption only protect your data if the drive
> is encrypted, so, in most of cases, when the OS is down and computer
> unpowered.
> If what you mean is to use a secure strong ecrypted volume to store the
> amounts of passwords, that is what do for you keepass, for example.
> The advantage for me in this case, is that keepass has the process
> memory protection[1]:
> * Process Memory Protection: Your passwords are encrypted while KeePass
> is running, so even when the operating system dumps the KeePass process
> to disk, your passwords aren't revealed.
> And this is a definitively advantage. Is keepass a potentially backdoor?
> There are another way to store your password data and use some kind if
> "process memory protection": use a simple text editor, with a plugin
> that every-time that stores something, use gpg2 integration to store the
> content using symmetric or asymmetric enc. In this way, also, the data
> are never stored decrypted[2]
> [1]
> [2] Using Gedit, with symmetric enc:
> edit > preferences > complements > enable external tools
> tools > manage external tools
> Create new external tool, where input are the actual selection and
> output replace actual selection. Also configure your preferred shortcut
> For enc:
> #!/bin/bash
> stdin=$(cat)
> if [ ! "${stdin:0:27}" == "-----BEGIN PGP MESSAGE-----"  ]; then
>     echo "$stdin" | gpg2 --cipher-algo AES256 -c -a  --no-tty
> --use-agent - 2> /dev/null
> else
>     echo "$stdin"
> fi

> For dec:
> #!/bin/bash
> stdin=$(cat)
> if [ "${stdin:0:27}" == "-----BEGIN PGP MESSAGE-----"  ]; then
>     echo "$stdin" | gpg2 --cipher-algo AES256 -d -a --no-tty --use-agent
> - 2> /dev/null
> else
>     echo "$stdin"
> fi

> Alex Antener:
>> What is the advantage using a *potentially* insecure passphrase wallet,
>> if a user already uses a harddrive ecryption with a *strong* crypto. -
>> Isn't this just potentially opening backdoors for a box that is
>> perfectly fine *without*?!?
>> :-P Lix