Hello, I just heard about Clipperz (clipperz.com), a free, open-source based online encrypted password vault which promises that your passwords never leave your browser in cleartext when sent to them.
It looks appealing for use both privately and for my work. Currently I use pwman3 for both but this means that: 1. If I'm away from home I don't have access to all my passwords (and I use individual passwords to all the sensitive sites like eBay, PayPal, banks, google etc). I already remember by heart many of the different passwords but not all. 2. When I'm outside the office and need a rarely used password to access a server, I have to be able to VPN+ssh back and access the computer with the pwman3 database in order to retrieve passwords relating to work (e.g. remotley hosted server passwords, which I hardly use because I relay on public ssh keys, but sometimes that's not available). Using clipperz.com sounds like a good solution for both situations. I heard at least about one commercial company which uses their online service to "host" their passwords. They also provides all sorts of ways to backup the data so in case they are gone, there is still their code and the user's data around to retrieve it. Since it's open source, I'm thinking to start with a local server on the internal network but the hosted service sounds appealing. My question - has any of the security experts here heard about them, their technology or maybe code they base their project on and can give a quick, at least semi-informed, "thumbs up/down" about what they think about this service? Thanks, --Amos ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
