In practice, this means that you can increase the security of your passwords while using the same master password on every site, without having to store secrets anywhere. Using SuperGenPass gets you through most of the items in Bruce Schneier's password rules. Changing passwords gets a little trickier, though, because you have to use two bookmarklets in the transition period: one for the old master password and one for the new one.
Sure, there are other password generators and password managers, but this simple JavaScript bookmarklet has provided the best user experience so far. Browser compatibility is the only serious problem with the standard SuperGenPass bookmarklet. It didn't work in the Nokia S60 or iPhone browsers, and I remember having problems with IE7. For these situations, there is a static HTML mobile version that lets you manually generate SuperGenPass passwords on any device. It is also needed when using someone else's computer. A minor annoyance with SuperGenPass is that some websites have idiotic restrictions on password length, and the default 10-character password may be too long or too short.
SuperGenPass is practical for websites only, when a user-generated, non-shared password is needed. I use KeePass for other password management, but wouldn't recommend it for webapps.
-mika-

