impengo's Journal: On Skinning cats and keeping up with passwords

I learned about password safe from Bruce Schneier's Blog. When I finally bit the bullet and tried it, I found my life improved. My one password (it differs only from the OS password on my XP system,) is easy to remember, and compromises no online account. Each online account now has a unique identifier than I can set to expire on any schedule I choose. Even if you guessed a single account's password, the others are all just as hard to guess. My thumbdrive where the file is encrypted is now more valuable than my wallet, but by itself cannot compromise my _security_. In my implementation, I keep the relevant passwords written on a piece of paper in my safety deposit box, and back the thumbdrive file up to my hdd every time I update a password. The safe itself is almost idiot proof. If you change a password before you log into a site for which it was your intention so to do, you are certainly locked out. However, in the pattern of old word processors it keeps a .bak type file of each update as you go, with the archive controlled from within the small program (you can set how many generations to save.) The procedure in the event you make a mistake and find yourself locked out of an online account whose password you have just updated, is to restore from the .bak file; log in and THEN update the offending password. It is open source, and as such one may examine the source code for any security breaches one might fear... my mind is 100% at ease. What does this have to do with skinning cats? The old man used to say "There's more ways to skin a cat than puttin' it's head in a boot jack and pullin' on its tail." The guy who wrote Password Safe DEFINITELY knew how to skin that cat. You'll end up "screwin' the pooch" if you don't admit that when it comes to breaking into password safe "you can't skin a cat that way."