Paul,
Roboform uses secure encryption to protect passwords. Here's what is said
on the Roboform website: "Encryption by Master Password You can protect all
your Identities and Passcards with the Master Password thus making them
inaccessible to unauthorized users and unreadable by hackers even if they
are stolen. We use 3DES encryption for increased protection."
Here is more about the 3DES encryption method:
Overview of 3DES
DES is a block cipher - i.e. it acts on a fixed-length block of plaintext
and converts it into a block of ciphertext of the same size by using the
secret key. In DES, the block size for plaintext is 64 bits. The length of
the key is also 64 bits but 8 bits are used for parity. Hence the effective
key length is only 56 bits. In 3DES, we apply 3 stages of DES with a
seperate key for each stage. So the key length in 3DES is 168 bits.
Decryption is done by applying the reverse transformation to the
block of ciphertext using the same key. Since the same key is used both in
encryption and decryption, DES is a symmetric key cipher. This method
differs from algorithms like the RSA encryption which use different keys to
encrypt and decrypt a message. The DES method of operation is shown below:
Using state of the art multiple arrayed computers,168 bit encryption cannot
be currently broken by any known method including brute force given a
century for the thief to try to decrypt the data.
This is my choice for passwords. However if you are ultra paranoid about
this, get a 256 bit method like what Bestcrypt offers:
http://www.jetico.com/ This would take the attacker longer to decrypt than
the Sun will burn in the sky. However Roboform is much easier to use.
J. Dent
At 06:40 PM 8/26/2004, you wrote:
>Give Password Manager XP a try.
>http://www.freepctech.com/rode/026.shtml
>Very secure password storage.
>
>Rode
>The NOSPIN Group
>http://freepctech.com
>
>
>
>>Does anyone know which of the following is the most secure way of
>>storing passwords?
>>
>>Roboform
>>IE native password storage
>>Firefox native password storage
>>
>>Comments would be appreciated. My thought is that hackers
>>know where to look for passwords for IE in particular - but
>>more than likely for all of the programs when you get right
>>down to it. Should all of these programs/features be avoided?
>>---------
>>Regards,
>>Paul Ecclestone
>
> The NOSPIN Group is now accepting donatations
> to continue providing PCSOFT and our website.
> Visit http://freepctech.com to donate using Paypal
The NOSPIN Group Promotions is now offering
Mandrake Linux or Red Hat Linux CD sets along
with the OpenOffice CD... at a great price!!!
http://freepctech.com/goodies/promotions.shtml
|