Talk:Password manager

comment
The purpose for starting this article is to seperate password managers from password generators and form fillers, which are often confused as one in the same software. The fact is that these are different software and may exist on their own without having the other two functionalities. Some software like Roboform has all three. — Preceding unsigned comment added by ProfessorBaltasar (talk • contribs) 16:12, 11 April 2006 (UTC)


 * @ProfessorBaltasar
 * Nowhere do I see a password manager that I have used for well over a decade, and as far as I know have never been hacked! is there some reason that you don't identify Keeper? is there a reason why they are not listed?  should I worry about using them? Chicago Chilibob (talk) 22:22, 13 May 2024 (UTC)

Comparison
We need a page comparing password managers password generators and form fillers. Mathiastck 23:05, 7 January 2007 (UTC)

Might be useful to mention USB-based password management products (IronKey www.ironkey.com, ID Guard www.identityguard.com/#slide6) and standalone password management devices (Atek Logio Secure Password Organizer www.atek.com/logio-secure-password-organizer.html and Mandylion Labs www.mandylionlabs.com).205.214.237.254 (talk) 17:59, 10 July 2009 (UTC)

Bitwarden is missing, someone should add info for this one: https://bitwarden.com/ — Preceding unsigned comment added by Eclectic99 (talk • contribs) 16:39, 29 September 2017 (UTC)

e–Business translation
This is a new term to mean the facilitation of the transformation of an existing business or business idea to the Internet. It involves the use of business systems analysis and other software and tools to map the business structure to the Internet. —Preceding unsigned comment added by Raphaelval7 (talk • contribs) 10:38, 8 March 2010 (UTC)

Clarification?
Article says: "Some password managers include a password generator. Generated passwords may be guessable if the password manager uses a weak random number generator instead of a cryptographically secure one."

You can create millions and millions different passwords even with weak random number generator. And if you don't know previously generated (with same seed) passwords, this "weakness" doesn't help in any way to crack in. Is this really a problem or just theoretical speculation? In other words, is there even one example of so badly made password generator that you can guess it's output? 62.134.199.5 (talk) 09:31, 26 May 2011 (UTC)

Flag as advertisement?
"OhMyPass is an Online Enterprise Password Manager that securely stores login details. It is a web-based version of more conventional desktop-based password manager. But also it has a Portable Application for Desktop Password Management: Omp2Go. With this Portable Application for Desktop version you can take your online stored accounts everywhere. Get your passwords or register new account on your desktop." — Preceding unsigned comment added by Treppo (talk • contribs) 09:45, 28 February 2012 (UTC)

Saving to Hard Disk
The article mentions (correctly) that saving unencrypted data to disk is dangerous, but then says "Turning off swap can prevent this risk"

I don't think it can. Modern desktops can hibernate, where they save their state to disk, or suspend to RAM where it may also be backed by disk. In these situations, unless the password manager receives notifications of the pending events, it wont even get the opportunity to erase its memory structures. And, if you look at the windows documentation of WM_POWERBROADCAST, it implies that there are no guarantees that a registered application will be told of an impending power change (emergency power options can trigger a suspend/hibernate without notification).

There's a simple test: suspend and resume the laptop -if you are reprompted for your password then the password manager may have erased it (or it is reacting on wakeup). Then repeate for hibernate.

Now: who is going to write that up in a way that doesn't constitute original research. — Preceding unsigned comment added by SteveLoughran (talk • contribs) 20:40, 22 April 2015 (UTC)

Definition?
"Password managers offer greater security and convenience for the use of passwords to access online services." Many things probably do that. Should not the first sentence define exactly what a password manager is? Is it software, an online service, something else entirely, or a combination of these?

Also, the phrasing is odd. "Password managers offer greater security and convenience" than what? A comparative must have a listed alternative; you can't say, "That's a bigger volcano," when you hadn't been talking about any other volcano before. This sounds more like marketing lingo than an encyclopedia.

208.124.64.14 (talk) 00:32, 26 April 2020 (UTC)

History
I'm the author of PassKeeper, a password manager for Windows 3.1 and Windows 95 which predates Bruce Schneier's Password Safe by a couple years. I published the first version around December 1995. The New York Times even wrote an article mentioning it in August 1996.

I'm not sure if PassKeeper was truly the first password manager, but I haven't heard of another (I actually came here wondering if there was something that predated it).

Anyway, I'm not sure what the etiquette is for updating this entry. It feels wrong to add it myself. Bdgreenlee (talk) 15:28, 15 May 2024 (UTC)