h a l f b a k e r yYour journey of inspiration and perplexement provides a certain dark frisson.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
Please log in.
Before you can vote, you need to register.
Please log in or create an account.
|
Passwords are a pain to type in and to remember. Yes,
there are alternatives such as keepass. The weak point
of
such solutions is that they are software based. If your
master keepass password gets compromised, the hacker
has all your passwords. Software based password vaults
are also a pain
to transfer between different devices.
What's needed is a physical box that contains all your
passwords. This box would be the size of a wireless USB
dongle with a single button on the side. The box would
emulate a keyboard. When you press the button, your
entire password would be typed for you. When you're
done,
you simply take your password with you.
Options:
- multiple-buttons multiple passwords (the buttons would
make the box bigger, but might be worth it)
- single-button multiple patterns. One press =
password1,
Two presses = password2, Press and hold = password3
etc.
- partial password (box types 6 keys for you and you
finish
the other 6 by hand). That way if the box is stolen, the
bad
guys only have half of your password.
Baked (or soon to be)
https://www.indiego...pen-source-hardware [ixnaum, Aug 29 2014]
[link]
|
|
Sorry for everyone who left comments (I accidentally
deleted this idea - had to recreate it) |
|
|
nevermind ... this is baked (see link) |
|
|
How does this offer any protection? If the box is
just a keyboard emulator, your password is just as
vulnerable to hacking. |
|
|
You are right. It's same as a keyboard but better. |
|
|
Advantages over keyboard:
+ People can't watch you type (all they can watch
is that you pressed a button)
+ People can't sniff your keystrokes across the
room (by sound or
wireless)
+ You don't need to remember your password
+ Faster |
|
|
Advantages over software methods:
+ If your password is keylogged you lose only 1
password. Not all your passwords as it would be
the case if you were keylogged while getting into
your keepass. |
|
|
Advantages over USB token methods:
+ Works anywhere with anything that accepts
keyboard typed passwords
+ Much simpler infrastructure |
|
| |