DOCSLIB.ORG

A Security Evaluation of Password Generation, Storage, and Autofill In

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers Sean Oesch and Scott Ruoti, University of Tennessee https://www.usenix.org/conference/usenixsecurity20/presentation/oesch This paper is included in the Proceedings of the 29th USENIX Security Symposium. August 12–14, 2020 978-1-939133-17-5 Open access to the Proceedings of the 29th USENIX Security Symposium is sponsored by USENIX. That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers Sean Oesch Scott Ruoti University of Tennessee, Knoxville University of Tennessee, Knoxville [email protected] [email protected] Abstract of security advice by users is rational when the low percentage of users affected by breaches is contrasted with Password managers have the potential to help users more the effort required [18]. However, the number of data effectively manage their passwords and address many of the breaches is on the rise [28], and this situation leaves many concerns surrounding password-based authentication. users vulnerable to exploitation. However, prior research has identified significant Password managers can help users more effectively manage vulnerabilities in existing password managers; especially in their passwords. They reduce the cognitive burden placed browser-based password managers, which are the focus of upon the user by generating strong passwords, storing those this paper. Since that time, five years has passed, leaving it passwords, and then filling in the appropriate password when unclear whether password managers remain vulnerable or a site is visited. The user is now able to follow the latest whether they have addressed known security concerns. To security advice regarding passwords without placing a high answer this question, we evaluate thirteen popular password cognitive burden on themselves. But password managers managers and consider all three stages of the password are not impervious to attack. Li et al. [19] previously found manager lifecycle—password generation, storage, and significant vulnerabilities in major password managers like autofill. Our evaluation is the first analysis of password LastPass and RoboForm. Both Silver et al. [29] and Stock generation in password managers, finding several and Johns [31] demonstrated that browser-based password non-random character distributions and identifying instances managers, including LastPass and 1Password, are vulnerable where generated passwords were vulnerable to online and to cross-site scripting attacks (XSS) and network injection offline guessing attacks. For password storage and autofill, attacks as a result of their password autofill features. we replicate past evaluations, demonstrating that while password managers have improved in the half-decade since Since these studies five or more years have passed, leaving those prior evaluations, there are still significant issues; these it unclear whether password managers remain vulnerable or problems include unencrypted metadata, insecure defaults, whether they are now ready for broad adoption. To answer this and vulnerabilities to clickjacking attacks. Based on our question, we update and expand on these previous results and results, we identify password managers to avoid, provide present a thorough, up-to-date security evaluation of thirteen recommendations on how to improve existing password popular password managers. We provide a comprehensive managers, and identify areas of future research. evaluation of browser-based password managers, including five browser extensions and six password managers integrated directly into the browser. We also include two desktop clients 1 Introduction for comparison. In our evaluation, we consider the full password manager Despite the well-established problems facing password-based lifecycle [8]—password generation (Section4), storage authentication, it continues to be the dominant form of (Section5), and autofill (Section6). For password generation, authentication used on the web [4]. Because passwords that we evaluate a corpus of 147 million passwords generated by are difficult for an attacker to guess are also hard for users to the studied password managers to determine whether they remember, users often create weaker passwords to avoid the exhibit any non-randomness that an attacker could leverage. cognitive burden of recalling them [12,26]. In fact, with the Our results find several issues with the generated passwords, increase in the number of passwords users are required to the most severe being that a small percentage of shorter store, they often reuse passwords across generated passwords are weak against online and offline websites [11, 15, 25, 33]. Herley points out that this rejection attacks (shorter than 10 characters and 18 characters, USENIX Association 29th USENIX Security Symposium 2165 respectively). We also replicate earlier work examining the 2 Background security of password storage [17] and autofill [19, 29, 31]. In this section, we describe the responsibilities of a password manager. We also describe prior work that has analyzed Our results find that while password managers have password managers. improved in the past five years, there are still significant security concerns. We conclude the paper with several recommendations on how to improve existing password 2.1 Password Managers managers as well as identifying future work that could In the most basic sense, a password manager is a tool that significantly increase the security and usability of password stores a user’s credentials (i.e., username and password) to managers generally (Section7). alleviate the cognitive burden associated with a user remembering many unique login credentials [19]. This store of passwords is commonly referred to as a password vault. Our contributions include: The vault itself is ideally stored in encrypted form, with the encryption key most commonly derived from a user-chosen 1. Our research finds that app-based and extension-based password known as the master password. Optionally, the password managers have improved security compared password vault can be stored online, allowing it to be to five years ago. However, there are still residual synchronized across multiple devices. vulnerabilities that need to be addressed—for example, In addition to storing user-selected passwords, most several tools will automatically fill passwords into modern password managers can help users generate compromised domains without user interaction and passwords. Password generation takes as input the length of others that do require user interaction allow users to the desired password, the desired character set, and any disable it. As such, it is important to both carefully special attribute the password should exhibit (e.g., at least select a password manager and to configure it properly, one digit and one symbol, no hard to recognize characters). something that may be difficult for many users. The password generator outputs a randomly generated 2. To our knowledge, this paper is the first evaluation of password that meets the input criterion. password generation in password managers. As part of Many password managers also help users authenticate to this evaluation, we generated 147 million passwords websites by automatically selecting and filling in (i.e., representing a range of different password managers, autofill) the appropriate username and password. If users character composition policies, and length. We have multiple accounts on the website, the password manager evaluated this corpus using various methods (Shannon will allow users to select which account they wish to use for entropy, c2 test, zxcvbn, and a recurrent neural net) to autofill. find abnormalities and patterns in the generated If properly implemented and used, a password manager has passwords. We found several minor issues with several tangible benefits to the user: generated passwords, as well as a more serious problem 1. It reduces the cognitive burden of remembering where some generated passwords are vulnerable to usernames and passwords. online and offline attacks. 3. Our work is the most comprehensive evaluation of 2. It is easy to assign a different password to every website, password manager security to date. It studies the largest addressing the problem of password reuse. number of password managers (tied with Gasti and Rasmussen [17]) and is the only study that 3. It is easy to generate passwords that are resilient to online simultaneously considers all three stages of the and offline guessing attacks. password manager lifecycle [8]—password generation, storage, and autofill (prior studies considered either storage or autofill, but not both simultaneously). 2.2 Related Work 4. Prior security evaluations of password managers in the Several studies have looked at various aspects of password literature are now five or more years old. In this time, manager security. there have been significant improvements to password Web Security Li et al. [19] analyzed the security of five managers. In our work, we partially or fully replicate extension-based password managers, finding significant these past studies [17, 19, 29, 31] and demonstrate that vulnerabilities in the tools as well as the websites that hosted while many of the issues identified in these studies have the user’s password vault. These vulnerabilities included been addressed, there are still problems such as logic and authorization errors, misunderstandings about the unencrypted metadata,
Recommended publications
  • Desktop Migration and Administration Guide

    Desktop Migration and Administration Guide

    Red Hat Enterprise Linux 7 Desktop Migration and Administration Guide GNOME 3 desktop migration planning, deployment, configuration, and administration in RHEL 7 Last Updated: 2021-05-05 Red Hat Enterprise Linux 7 Desktop Migration and Administration Guide GNOME 3 desktop migration planning, deployment, configuration, and administration in RHEL 7 Marie Doleželová Red Hat Customer Content Services [email protected] Petr Kovář Red Hat Customer Content Services [email protected] Jana Heves Red Hat Customer Content Services Legal Notice Copyright © 2018 Red Hat, Inc. This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
  • The Kdesvn Handbook

    The Kdesvn Handbook

    The kdesvn Handbook Rajko Albrecht The kdesvn Handbook 2 Contents 1 Introduction 7 1.1 Terms . .7 2 Using kdesvn 8 2.1 kdesvn features . .8 2.2 Beginning with subversion and kdesvn . .8 2.2.1 Creating a working copy . .9 2.2.2 Committing local changes . .9 2.2.3 Update working copy . .9 2.2.4 Adding and Deleting from working copy . .9 2.2.4.1 Add items . 10 2.2.4.2 Deleting items from working copy and unversion . 10 2.2.5 Displaying logs . 10 2.2.5.1 The log display dialog . 10 2.3 Working on repositories . 11 2.3.1 Restoring deleted items . 11 2.3.2 Importing folders . 11 2.3.2.1 With drag and drop . 11 2.3.2.2 Select folder to import with directory-browser . 11 2.4 Other Operations . 11 2.4.1 Merge . 11 2.4.1.1 Internal merge . 12 2.4.1.2 Using external program for merge . 12 2.4.2 Resolving conflicts . 12 2.5 Properties used by kdesvn for configuration . 13 2.5.1 Bugtracker integration . 13 2.6 The revision tree . 13 2.6.1 Requirements . 14 2.7 Internal log cache . 14 2.7.1 Offline mode . 14 2.7.2 Log cache and revision tree . 14 The kdesvn Handbook 2.8 Meaning of icon overlays . 14 2.9 kdesvn and passwords . 16 2.9.1 Not saving passwords . 16 2.9.2 Saving passwords in KWallet . 16 2.9.3 Saving to subversion’s own password storage .
  • Schon Mal Dran Gedacht,Linux Auszuprobieren? Von G. Schmidt

    Schon Mal Dran Gedacht,Linux Auszuprobieren? Von G. Schmidt

    Schon mal dran gedacht, Linux auszuprobieren? Eine Einführung in das Betriebssystem Linux und seine Distributionen von Günther Schmidt-Falck Das Magazin AUSWEGE wird nun schon seit 2010 mit Hilfe des Computer-Betriebs- system Linux erstellt: Texte layouten, Grafiken und Fotos bearbeiten, Webseiten ge- stalten, Audio schneiden - alles mit freier, unabhängiger Software einer weltweiten Entwicklergemeinde. Aufgrund der guten eigenen Erfahrungen möchte der folgende Aufsatz ins Betriebssystem Linux einführen - mit einem Schwerpunkt auf der Distri- bution LinuxMint. Was ist Linux? „... ein hochstabiles, besonders schnelles und vor allem funktionsfähiges Betriebssystem, das dem Unix-System ähnelt, … . Eine Gemeinschaft Tausender programmierte es und verteilt es nun unter der GNU General Public Li- cense. Somit ist es frei zugänglich für jeden und kos- tenlos! Mehrere Millionen Leute, viele Organisatio- nen und besonders Firmen nutzen es weltweit. Die meisten nutzen es aus folgenden Gründen: • besonders schnell, stabil und leistungs- stark • gratis Support aus vielen Internet- Newsgruppen Tux, der Pinguin, ist das Linux-Maskottchen • übersichtliche Mailing-Listen • massenweise www-Seiten • direkter Mailkontakt mit dem Programmierer sind möglich • Bildung von Gruppen • kommerzieller Support“1 Linux ist heute weit verbreitet im Serverbereich: „Im Oktober 2012 wurden mindes- tens 32% aller Webseiten auf einem Linux-Server gehostet. Da nicht alle Linux-Ser- ver sich auch als solche zu erkennen geben, könnte der tatsächliche Anteil um bis zu 24% höher liegen. Damit wäre ein tatsächlicher Marktanteil von bis zu 55% nicht 1 http://www.linuxnetworx.com/linux-richtig-nutzen magazin-auswege.de – 2.11.2015 Schon mal dran gedacht, Linux auszuprobieren? 1 auszuschliessen. (…) Linux gilt innerhalb von Netzwerken als ausgesprochen sicher und an die jeweiligen Gegebenheiten anpassbar.
  • Privacy and You the Facts and the Myths

    Privacy and You the Facts and the Myths

    Privacy and You The facts and the myths Bill Bowman and Katrina Prohaszka Clarkston Independence District Library 1 Overview ● What is privacy? ● Why should you care? ● Privacy laws, regulations, and protections ● Privacy and libraries ● How to protect your privacy → need-to-know settings 2 “[Privacy is] the right to What is Privacy? be let alone” - Warren & Brandeis, 1890 3 What is Privacy cont’d - Alan Westin (1967) on privacy: - “[privacy is] the right of individuals to control, edit, manage, and delete information about themselves, and to decide when, how, and to what extent information is communicated to others.” - Privacy provides a space for discussion, growth, and learning - Privacy is the ability to control your information and maintain boundaries 4 DEMO → Ghostory 5 What Privacy Is NOT - common myths Myth: Privacy and secrecy Myth: Privacy and security are the same are the same - Privacy is about being - Privacy is about unobserved safeguarding a user’s identity - Secrecy is about intentionally hiding - Security is about something protecting a user’s information & data 6 Evolving Concerns - Persistence of cameras and microphones - Think 1984 by George Orwell - “big brother” is always watching, and “it’s okay” - Social media culture - “Tagging” people without knowledge - Sharing photos without asking - Data as currency - 23andMe, Ancestry.com, Google, etc. 7 “Arguing that you don’t Why should you care about privacy because you have nothing to hide is no different than care? saying you don’t care about free speech because Why
  • Jelszókezelök Pclinuxos Magazine – 2017

    Jelszókezelök Pclinuxos Magazine – 2017

    Repo mustra: jelszókezelök PClinuxOS Magazine – 2017. április Írta CgBoy Jelszavak. Mindnyájan használunk. Néhányan egyet használunk mindenre. Másoknak sok, összetett jelszava van, amit nehéz észben tartani. Mielőtt a cikket írtam volna, a számítógépemen volt egy fájl az összes jelszavammal. Nagyon biztonságos, igaz? Minden esetre, ebben a hónapban rövid pillantást vetünk a tárolóban található jelszó kezelőkre. Abba a sorba raktam őket, ahogy átnéztem. KDE Wallet (tárca) Manager. Kezdjük a KDE Wallet Manager-rel. Elég könnyű tárcát készíteni. Használhat Blowfish-t, vagy GPG titkosítást. Mivel nincs GPG-kulcsom, Blowfish titkosítási eljárást használtam. A KDE Wallet Manager képes XML Nos, a KDE Wallet Manager olyan jó? Azt wallet-fájlokat importálni és exportálni. A KDE Wallet mondanám, igen. Könnyen használható, jo a felülete Manager felhasználói felülete jó és egyszerű. Van és van néhány jó tulajdonsága, vagyis mondhatnám, még rendszertálca alkalmazása is, ahonnan a tárcák jó. megnyithatóak. KeePassX, (Megjegyzés: a 2.0.3-as verzió ez és nem a régi 0.4.4-es) a KeePassX-t gyakran ajánlják mint jó, nyílt forráskódú jelszókezelőt. Azok számára, akik nem ismerik, a KeePassX a KeePass Password Safe leágazása. Amikor a KeePassX-ben új jelszó adatbázist készítesz, választhatsz, hogy csak mester jelszót, csak kulcs fájlt, vagy mindkettőt használj. A KeePassX AES, vagy Twofish titkosítást használ az adatbázisánál. A KeePassX felhasználói felülete jó, a jelszavakat Androidra és iOS-re is van applikáció, ami képes könyvtárakba rendezi. Amikor új jelszó elemet viszel KeePass adatbázis használatára, ami azt jelenti, be, a KeePass készít hozzá egy véletlenszerű hogy a jelszavaid mindig veled lehetnek! Nos, mit jelszót. Az elemhez ikon is rendelhető. A KeePassX gondolsz a KeePass-ról? Szerintem kiváló képes böngésző kiegészítő nélkül a bejelentkező jelszókezelő.
  • An Architecture for Cryptography with Smart Cards and NFC Rings on Android

    An Architecture for Cryptography with Smart Cards and NFC Rings on Android

    OpenKeychain: An Architecture for Cryptography with Smart Cards and NFC Rings on Android DOMINIK SCHÜRMANN, TU Braunschweig, Germany SERGEJ DECHAND, University of Bonn, Germany LARS WOLF, TU Braunschweig, Germany While many Android apps provide end-to-end encryption, the cryptographic keys are still stored on the device itself and can thus be stolen by exploiting vulnerabilities. External cryptographic hardware solves this issue, but is currently only used for two-factor authentication and not for communication encryption. In this paper, we design, implement, and evaluate an architecture for NFC-based cryptography on Android. Our high-level API provides cryptographic operations without requiring knowledge of public-key cryptography. By developing OpenKeychain, we were able to roll out this architecture for more than 100,000 users. It provides encryption for emails, messaging, and a password manager. We provide a threat model, NFC performance measurements, and discuss their impact on our architecture design. As an alternative form factor to smart cards, we created the prototype of an NFC signet ring. To evaluate the UI components and form factors, a lab study with 40 participants at a large company has been conducted. We measured the time required by the participants to set up the system and reply to encrypted emails. These measurements and a subsequent interview indicate that our NFC-based solutions are more user friendly in comparison to traditional password-protected keys. CCS Concepts: • Security and privacy → Usability in security and privacy; Key management; Hardware-based security protocols; • Human-centered computing → Mobile devices; Additional Key Words and Phrases: NFC, near-field communication, smart card, ring ACM Reference Format: Dominik Schürmann, Sergej Dechand, and Lars Wolf.
  • SUSE® Linux Enterprise Desktop 12 and the Workstation Extension: What's New ?

    SUSE® Linux Enterprise Desktop 12 and the Workstation Extension: What's New ?

    SUSE® Linux Enterprise Desktop 12 and the Workstation Extension: What's New ? Frédéric Crozat <[email protected]> Enterprise Desktop Release Manager Scott Reeves <[email protected]> Enterprise Desktop Development Manager Agenda • Design Criteria • Desktop Environment in SUSE Linux Enterprise 12 • GNOME Shell • Desktop Features and Applications 2 Design Criteria SUSE Linux Enterprise Desktop Interoperability Ease of Use Security Ease of Management Lower Costs 4 SUSE Linux Enterprise Desktop 12 • Focus on technical workstation ‒ Developers and System administrators • One tool for the job • Main desktop applications will be shipped: ‒ Mail client, Office Suite, Graphical Editors, ... • SUSE Linux Enterprise Workstation Extension ‒ Extend SUSE Linux Enterprise Server with packages only available on SUSE Linux Enterprise Desktop. (x86-64 only) 5 Desktop in SUSE Linux Enterprise 12 As Part of the Common Code Base SUSE Linux Enterprise 12 Desktop Environment • SUSE Linux Enterprise 12 contains one primary desktop environment • Additional light-weight environment for special use-cases: ‒ Integrated Systems • Desktop environment is shared between the server and desktop products 7 SUSE Linux Enterprise 12 Desktop Environment • GNOME 3 is the main desktop environment ‒ SLE Classic mode by default ‒ GNOME 3 Classic Mode and GNOME 3 Shell Mode also available • SUSE Linux Enterprise 12 ships also lightweight IceWM ‒ Targeted at Integrated Systems • QT fully supported: ‒ QT5 supported for entire SLE12 lifecycle ‒ QT4 supported, will be removed in future
  • Keepass Password Safe Help

    Keepass Password Safe Help

    KeePass Password Safe KeePass: Copyright © 2003-2011 Dominik Reichl. The program is OSI Certified Open Source Software. OSI Certified is a certification mark of the Open Source Initiative. For more information see the License page. Introduction Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your website's FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem... A serious problem. He would have access to your e-mail account, website, etc. Unimaginable. But who can remember all those passwords? Nobody, but KeePass can. KeePass is a free, open source, light-weight and easy-to-use password manager for Windows. The program stores your passwords in a highly encrypted database. This database consists of only one file, so it can be easily transferred from one computer to another. KeePass supports password groups, you can sort your passwords (for example into Windows, Internet, My Website, etc.). You can drag&drop passwords into other windows. The powerful auto-type feature will type user names and passwords for you into other windows. The program can export the database to various formats. It can also import data from various other formats (more than 20 different formats of other password managers, a generic CSV importer, ...). Of course, you can also print the password list or current view. Using the context menu of the password list you can quickly copy password or user name to the Windows clipboard.

  • Keeper Security G2 Competitive Comparison Report

    Keeper Security G2 Competitive Comparison Report Keeper is the leading cybersecurity platform for preventing password-related data breaches and cyberthreats. This report is based on ratings and reviews from real G2 users. Keeper vs. Top Competitors: User Satisfaction Ratings See how Keeper wins in customer satisfaction based on the ratings in the below G2 categories. Keeper LastPass Dashlane 1Password 93% 85% Ease of Use 92% 91% 92% 82% Mobile App Usability 82% 88% 93% 83% Ease of Setup 89% 88% 95% 92% Meets Requirements 94% 94% 91% 82% Quality of Support 89% 90% 0% 20% 40% 60% 80% 100% See the full reports: Keeper vs. LastPass Keeper vs. Dashlane Keeper vs. 1Password G2 Grid: Keeper Listed as a Leader G2 scores products and vendors based on reviews gathered from the user community, as well as data aggregated from online sources and social networks. Together, these scores are mapped on the G2 Grid, which you can use to compare products. As seen on the grid, Keeper is currently rated as a “Leader,” scoring highly in both market presence and satisfaction. Contenders Leaders Market Presence Market Niche High Performers Satisfaction View the Expanded Grid Keeper User Reviews & Testimonials See what G2 users have to say about their experience with Keeper. Best password manager on the market “Keeper was the first password manager I could find that supported the U2F hardware keys that we use and this was a non-negotiable requirement at the time and still is. The support is really excellent and above expectations - On all my questions and concerns, I have received a reply within an hour and I am situated in Southern Africa.
  • Multi Software Product Lines in the Wild

    Multi Software Product Lines in the Wild

    AperTO - Archivio Istituzionale Open Access dell'Università di Torino Multi software product lines in the wild This is the author's manuscript Original Citation: Availability: This version is available http://hdl.handle.net/2318/1667454 since 2020-07-06T10:51:50Z Publisher: Association for Computing Machinery Published version: DOI:10.1145/3168365.3170425 Terms of use: Open Access Anyone can freely access the full text of works made available as "Open Access". Works made available under a Creative Commons license can be used according to the terms and conditions of said license. Use of all other works requires consent of the right holder (author or publisher) if not exempted from copyright protection by the applicable law. (Article begins on next page) 27 September 2021 Multi Software Product Lines in the Wild Michael Lienhardt Ferruccio Damiani [email protected] [email protected] Università di Torino Università di Torino Italy Italy Simone Donetti Luca Paolini [email protected] [email protected] Università di Torino Università di Torino Italy Italy ABSTRACT 1 INTRODUCTION Modern software systems are often built from customizable and A Software Product Line (SPL) is a set of similar programs, called inter-dependent components. Such customizations usually define variants, with a common code base and well documented variabil- which features are offered by the components, and may depend ity [1, 6, 19]. Modern software systems are often built as complex on backend components being configured in a specific way. As assemblages of customizable components that out-grow the expres- such system become very large, with a huge number of possible siveness of SPLs.
  • Keepass Instructions

    Keepass Instructions

    Introduction to KeePass What is KeePass? KeePass is a safe place for all your usernames, passwords, software licenses, confirmations from vendors and even credit card information. Why Use a Password Safe? • It makes and remembers excellent passwords for every site you visit. These passwords will be random and long. • It is very dangerous to either try and remember your passwords or re-use the same password on multiple sites. Using KeePass eliminates these problems. • It helps you log into websites • It stores license codes and other critical information from software vendors • It protects all your licenses and passwords with state of the art encryption making it unbreakable as long as you have a good passphrase. I made a 5 minute introductory video screencast . Go ahead and watch it. http://www.screencast.com/t/RgJjbdYF0p Copyright(c) 2011 by Steven Shank Why switch from my OCS Passwords safe to Keepass? Keepass is much better than my program. It is much more secure. My OCS Passwords is not using state of the art encryption. My program is crackable. In addition to being safer, it is even easier to use than my program and has some great extra features. In short, while OCS passwords was a good program in its time, its time has passed. Among the many advanced features, KeePass lets you add fields, copy username and passwords into websites and programs more easily, group your passwords and launch websites directly from KeePass. How Do You Switch from OCS Password to KeePass? What I've done • I worked with a programmer to write a program to convert current password databases into a text file I could import into KeePass.
  • April, 2021 Spring

    April, 2021 Spring

    VVoolulummee 116731 SeptemAbperril,, 22002201 Goodbye LastPass, Hello BitWarden Analog Video Archive Project Short Topix: New Linux Malware Making The Rounds Inkscape Tutorial: Chrome Text FTP With Double Commander: How To Game Zone: Streets Of Rage 4: Finaly On PCLinuxOS! PCLinuxOS Recipe Corner: Chicken Parmesan Skillet Casserole Beware! A New Tracker You Might Not Be Aware Of And More Inside... In This Issue... 3 From The Chief Editor's Desk... 4 Screenshot Showcase The PCLinuxOS name, logo and colors are the trademark of 5 Goodbye LastPass, Hello BitWarden! Texstar. 11 PCLinuxOS Recipe Corner: The PCLinuxOS Magazine is a monthly online publication containing PCLinuxOS-related materials. It is published primarily for members of the PCLinuxOS community. The Chicken Parmesean Skillet Casserole magazine staff is comprised of volunteers from the 12 Inkscape Tutorial: Chrome Text PCLinuxOS community. 13 Screenshot Showcase Visit us online at http://www.pclosmag.com 14 Analog Video Archive Project This release was made possible by the following volunteers: Chief Editor: Paul Arnote (parnote) 16 Screenshot Showcase Assistant Editor: Meemaw Artwork: ms_meme, Meemaw Magazine Layout: Paul Arnote, Meemaw, ms_meme 17 FTP With Double Commander: How-To HTML Layout: YouCanToo 20 Screenshot Showcase Staff: ms_meme Cg_Boy 21 Short Topix: New Linux Malware Making The Rounds Meemaw YouCanToo Pete Kelly Daniel Meiß-Wilhelm 24 Screenshot Showcase Alessandro Ebersol 25 Repo Review: MiniTube Contributors: 26 Good Words, Good Deeds, Good News David Pardue 28 Game Zone: Streets Of Rage 4: Finally On PCLinuxOS! 31 Screenshot Showcase 32 Beware! A New Tracker You Might Not Be Aware Of The PCLinuxOS Magazine is released under the Creative Commons Attribution-NonCommercial-Share-Alike 3.0 36 PCLinuxOS Recipe Corner Bonus: Unported license.