Wednesday, January 16, 2008

Simple password management

To easily manage all your passwords, you don't need any freeware/shareware/crapware/malware/whateverware. If you are running Windows, all you need is 2 batch files, each containing a single line.

As a bonus, you can get some very simple security-through-obscurity by using a little known feature of the NTFS file system called "Alternate Data Streams". The security is not great, but the obscurity feels like a cool hack. And it's still better than having passwords.txt on your desktop, or Post-its on your monitor. (Of course, you can also skip the coolness and combine these handy batch files with the excellent TrueCrypt for really strong encryption at the expense of a minimum of additional hassle).

  1. Create a file containing anything (or nothing). Let's call it x, and put it in our profile folder (C:\Documents adn Settings\username\)
  2. Create a batch file (let's call it password-add.bat) with one line:
    @ECHO %* >> "%USERPROFILE%\x:passwords"
  3. Create a second batch file (for example password.bat) also with one line :
    @FIND /I "%1" < "%USERPROFILE%\x:passwords"
  4. Copy these two files to some directory in your path (like C:\Windows or C:\Windows\System32)
To add your new Google user name and password, open a Command Prompt window, and type:

password-add "Google: mystupidname@gmail.com pass: ul7ra-secr37"

To retrieve that password once you have forgotten it, type anything like

password Google
or
password stupid
or
password @gmail.com
etc.

To add some obscurity, call the batch files something else (and shorter so you don't have to type so much): like newp.bat and p.bat.

To add even more obscurity, copy some small .dll file in c:\Windows\System32 to a new name like msp32.dll, and in the batch files replace "%USERPROFILE%\x:passwords" with "c:\Windows\System32\msp32.dll".

To add real security, get TrueCrypt, and put the file on a TrueCrypt volume. (Don't forget to correct the 2 batch files).

Important: This only works on NTFS partitions. If you move your file to a FAT32 partition or send it by email or FTP, all your passwords are lost forever. If your backups are done to an external FAT32 disk, you won't have a backup either. You can move the file around as much as want, providing that it always stays on NTFS partitions. If you copy over a network, the server also needs to be Windows (not Samba).

Labels: , , , , , , ,

0 Comments:

Post a Comment

<< Home