Is there a good password holder program out there?

On a related subject, the entire concept of passwords is being debated today. And probably replaced at some point in the future. I am a consultant to banks on technology. There's been plenty written in trade journals regarding passwords and how easily they can be compromised. Not the authentication system, but the human the password belongs to. As password requirements become stronger, they are less likely to be remembered by anyone. Hence this thread.

Here's a good article that sums up the issues.
BBC - Future - Technology - Time to forget your online passwords?

 

Thaat is as low tech as it gets, my friends.

But yeah, just don't lose the paper. Put it in your wall safe, lol.
--- merged: Aug 16, 2013 at 8:00 PM ---
Again, I didn't read so don't know if anyone has brought up this unique side-topic, it's related to what Craven brought up:

The Obama administration has evidently requested a database be compiled in HLS of every password entered into every website based in the U.S., or dealing with U.S. citizens.

Great spirit of cooperation they have, that's what I say. I say we use ours to legally bind them from collecting that information.

 

No, they haven't. And as Martian said, that's pretty much impossible. Not to mention an incredibly inefficient use of resources. I call bullshit just for the fact that it would be an incredibly dumb idea.

 

Sure. They can have it. From what I understand, any self-respecting website is salting and encrypting their passwords in the databases they're being stored in, so if the government wants to divert it's attention from... whatever it's doing... to trying to crack billions of salted passwords, I say let them try.

...

Even if this is Facebookmongering, it's still something that doesn't (or wouldn't) surprise me. The reason for which is something that should be discussed in another section of this site.
Either way, it's still just sad.

 

Outrageous claims call for at least some sort of proof, especially when there's no source at all cited. So I'm just going to chalk this up as further proof of my theorem that people are stupid and will believe anything if said with enough energy.

 

^ I'll believe that.

proof

 

Well, maybe it's just web 2.0 sites with charters and legal teams.
--- merged: Aug 19, 2013 at 2:55 AM ---
I thought it was prevalent in the media, but then again, I am idealistic.

Here's some credible sources:
Feds tell Web firms to turn over user account passwords | Politics and Law - CNET News
"A second person who has worked at a large Silicon Valley company confirmed that it received legal requests from the federal government for stored passwords. Companies 'really heavily scrutinize' these requests, the person said. 'There's a lot of 'over my dead body.' '
Some of the government orders demand not only a user's password but also the encryption algorithm and the so-called salt, according to a person familiar with the requests. A salt is a random string of letters or numbers used to make it more difficult to reverse the encryption process and determine the original password. Other orders demand the secret question codes often associated with user accounts"

A lot of contacts are cited from the CNET source a lot of the big companies actually said they "never" did, would, or did without legal requirements give the passwords, encryptions, or algorithms, but this caught my eye:

"Apple, Facebook, AOL, Verizon, AT&T, Time Warner Cable, and Comcast did not respond to queries about whether they have received requests for users' passwords and how they would respond to them."


That is, however, the only source I'd consider credible with the whole media state our country has become over the last few decades.

 

skitto, you realize that there is a huge difference between what you're citing and what you're claiming, right? The article you cited is about requests for specific individual's passwords. You're claiming that the US government is after all the passwords from all the websites. There is a huge difference.

 

I'm he citation said there were requests on the encryption, that counts.

But we're now off topic, sorry.