Two weeks I go I wondered about passwords: how to tackle that?. Doing web development, I have tons of logins and I used to have one password for most of the sites I log in to. Not terribly safe.
My chosen solution: oplop. https://oplop.appspot.com/ . The comments on that previous blog post suggested that. It doesn’t store anything on a server, everything happens locally in your browser.
You pick some master password or passphrase that you can remember.
When you need a password, you go to the oplop page and type in an identifier for the password (‘google’, ‘bitbucket’, ‘yourcompany.com’, whatever) and your master password.
The identifier and the master password get combined into one md5 hash and then the first 8 characters are taken. There are a few extra deterministic rules to ensure it is a mix of characters and numbers.
Tadaah, you’ve got your 8 character password that looks like a cat walked over your keyboard. I then tell firefox to remember the password, of course.
I’ve got a new mac, so that is a good way to start a-fresh with all my passwords. Every site that I have to log in to, I take the extra effort of setting a new password.
So: new apple, new passwords!
My name is Reinout van Rees and I program in Python, I live in the Netherlands, I cycle recumbent bikes and I have a model railway.
Most of my website content is in my weblog. You can keep up to date by subscribing to the automatic feeds (for instance with Google reader):