On 06/08/2012 02:01 PM, Lyndon Nerenberg wrote:
On 2012-06-08, at 1:41 PM, Michael Thomas wrote:
I run a website. If it can change it on mine, I'd like to understand
how it manages to do that.
I log in to your website, change my password, and the software picks up that
I've changed the password and updates the safe accordingly. The software
doesn't initiate the password change, it just notices it and updates its
database accordingly. Sorry, I should have explained that more clearly.
If you have a Mac or a Windows box, download the 1Password 30 day trail and
take it for a run. It really is a useful bit of software. No, it doesn't work
on my *BSD, Solaris, or Plan 9 machines. But it does sync across all my Mac,
Windows, and Android gear, and the Android client lets me pull up passwords on
my phone when I'm on one of the systems that doesn't have a native 1Password
client, or when I am on the road.
Ah, ok. Still Linkedin's contention that I should log in to every account
that I've created and change the password is still silly -- nobody's going
to do that.
That said, if there were a standardized way to get these password vault
software -- or whatever else wanted to manage them -- to do key refresh,
I'd be happy to implement it for my site. To my knowledge, such a protocol
does not exist.
Mike
