Related Searches
Definitions
Password_manager

Password_manager

Password manager
A password manager is software that helps a user organize passwords and PIN codes. The software typically has a local database or files that holds the encrypted password data. Many password managers also work as a form filler, thus they fill the user and password data automatically into forms. These are usually implemented as a browser extension.

Password managers come in three basic flavors:

  • Desktop - desktop software storing passwords on a computer hard drive.
  • Portable - portable software storing passwords and program on a mobile device, such as a PDA or smart phone. (U3 and the like).
  • Web based - Online password manager where passwords are stored on a provider's website.

Password managers can also be used as a defense against phishing. Unlike human beings, a password manager program, which can handle automated login script is not susceptible to visual imitations and look alike websites. With this built-in advantage, the use of a password manager is beneficial even if the user only has a few passwords to remember. However not all password managers can automatically handle the more complex login procedures imposed by many banking websites.

Vulnerabilities

Password managers typically use a user-selected master password or passphrase to form the key used to encrypt the protected passwords. This master password must be strong enough to resist attack (eg, brute force, dictionary attacks, etc). Some password managers use the Blowfish cipher because it has a relatively long setup time for each new trial key, thereby providing a small degree of attack resistance (due to key strengthening).

The master password can also be attacked and discovered using key logging or acoustic cryptanalysis. Some password managers claim to provide means for entering master passwords which are key logging-resistant.

A compromised master password renders all of the protected passwords vulnerable. This demonstrates the universal relation between usability and security: one might enjoy better security having memorized all passwords, but the effort is inconvenient and usually annoying.

Some password managers include a password generator. Generated passwords may be guessable if the password manager does not employ adequate randomness, which is not easy to assure.

A password manager may hold passwords unencrypted in memory while access is being made to records. This is a security risk should an attacker obtain read privileges for the memory involved.

Online password manager

An online password manager is a website that securely stores login details, usually a username and password, used to log into a third party website. They are a web-based version of more conventional desktop-based password manager.

The advantages of online password managers over desktop-based versions are portability (they can generally be used on any computer with a browser and a network connection, without having to install software), and a reduced risk of losing passwords through theft from or damage to a single PC. The damage risk can be largely mitigated by taking steps to ensure usable backups, though this raises the issue of who has access to the backup media and to the passwords it contains.

The major disadvantage of online passwords managers is inherent and unavoidable since the passwords (including the master password) are sent over the network, from which they may be copied unnoticeably during transit, and are stored on server computers using software and hardware over which the password owner has no control and from which the protected passwords might be obtainable by an attacker. Fraud in the first instance is also possible; this is a variant of a phishing attack. is The degree of trust required is high and is hard to justify. The history of security breaches and of loss of centrally stored information (eg, in multiple adn increasing infamous incidents of identity theft) do not inspire confidence.

The use of a web-based password manager is an alternative to single sign-on techniques, such as OpenID or Microsoft's Windows Live ID scheme (formerly Passport), or may serve as a stop-gap measure pending adoption of a better method.

See also

Notes

External links

Wikipedia, the free encyclopedia © 2001-2006 Wikipedia contributors (Disclaimer)
This article is licensed under the GNU Free Documentation License.
Last updated on Saturday October 04, 2008 at 21:14:19 PDT (GMT -0700)
View this article at Wikipedia.org - Edit this article at Wikipedia.org - Donate to the Wikimedia Foundation

Related Articles
ManageEngine Fortifies Password Manager Pro with HTML5-Powered, First-in-Class Remote Login.
Apr 10, 2012; ManageEngine, the real-time IT management company, announced HTML5-powered, first-in-class remote login mechanisms for Password...
Read more with a free trial on HighBeam.com »
ManageEngine Strengthens Password Manager Pro with Session Recording
Oct 25, 2012; By a News Reporter-Staff News Editor at Computer Weekly News -- ManageEngine, the real-time IT management company, announced the...
Read more with a free trial on HighBeam.com »
Lieberman Software's Random Password Manager Receives Editor's Choice Award from Military Embedded Systems Magazine.
May 13, 2010; Lieberman Software Corporation, the enterprise leader in privileged identity management, announced that Military Embedded Systems...
Read more with a free trial on HighBeam.com »
APC Biometric Password Manager.(Product/ service evaluation)
Jan 24, 2008; Byline: Cliff Joseph APC Biometric Password Manager Increase your PC's security with fingerprint technology For those concerned...
Read more with a free trial on HighBeam.com »
DigitalPersona Introduces Password Manager Software
Sep 20, 2004; Wireless News 09-20-2004 DigitalPersona Introduces Password Manager SoftwareWIRELESS NEWS-20 September 2004-DigitalPersona...
Read more with a free trial on HighBeam.com »
HighBeam Research, Inc. © Copyright 2009.

Search another word or see Password_manageron Dictionary | Thesaurus |Spanish
  • Please Login or Sign Up to use the Recent Searches feature
FAVORITES
RECENT