<grin!> Nice one. Yup, encryption can only do so much.
Absolutely. The only reason I’ve encrypted my laptop’s data is to protect it if the computer is stolen.
I’ve updated the post to include the original strip’s pop-up hint… hover your mouse cursor over it to see it, it’s worth it. 🙂
I actually paid money to have an email client that encrypts, mostly because my email account has a few passwords in it occasionally because of password retrievals that get emailed rather than a verification link, which is kind of dumb on both of our parts. (Your secrets are encrypted, though sadly, unavailable on PalmOS phones; there is (expensive) PGP for PalmOS, but it doesn’t do email other than encrypting data files, as I’m doing now for much cheaper and with a better, faster, and more reliable shareware (not freeware tho) client ChatterMail)
(Project, to also get or make password entry and generation programs for my Mac and phone, both of which are available, in order to solve that problem once and for all – though for either one I’d be worried it would contain a back door, so I’ve waited on getting a ready-made solution. I could use the web browser’s password memory, but that is known to be highly insecure, and has been cracked regularly on all major browsers including Firefox on all platforms and Safari (for Windows)
(Safari for Mac uses the OS X keychain, but then you’re trusting Apple, although the keychain algorithm is open source, something that was nice of them to provide; but still…. and of course there are persistent rumors about FileVault’s security, though it uses a different algorithm (AES) than the keychain; though it’s how it uses it that’s allegedly the problem, IIRC.))
I paid money for an encrypting email client for my smartphone that is, for the Mac it was free. 🙂
Use the Secure Login extension in Firefox, and the passwords you store in the Password Manager will be a lot better protected. It’s not perfect, but it helps.
(That said, I only use the Password Manager for sites that aren’t really important. For important sites, I use a separate password program.)
<grin!> Nice one. Yup, encryption can only do so much.
Absolutely. The only reason I’ve encrypted my laptop’s data is to protect it if the computer is stolen.
I’ve updated the post to include the original strip’s pop-up hint… hover your mouse cursor over it to see it, it’s worth it. 🙂
I actually paid money to have an email client that encrypts, mostly because my email account has a few passwords in it occasionally because of password retrievals that get emailed rather than a verification link, which is kind of dumb on both of our parts. (Your secrets are encrypted, though sadly, unavailable on PalmOS phones; there is (expensive) PGP for PalmOS, but it doesn’t do email other than encrypting data files, as I’m doing now for much cheaper and with a better, faster, and more reliable shareware (not freeware tho) client ChatterMail)
(Project, to also get or make password entry and generation programs for my Mac and phone, both of which are available, in order to solve that problem once and for all – though for either one I’d be worried it would contain a back door, so I’ve waited on getting a ready-made solution. I could use the web browser’s password memory, but that is known to be highly insecure, and has been cracked regularly on all major browsers including Firefox on all platforms and Safari (for Windows)
(Safari for Mac uses the OS X keychain, but then you’re trusting Apple, although the keychain algorithm is open source, something that was nice of them to provide; but still…. and of course there are persistent rumors about FileVault’s security, though it uses a different algorithm (AES) than the keychain; though it’s how it uses it that’s allegedly the problem, IIRC.))
I paid money for an encrypting email client for my smartphone that is, for the Mac it was free. 🙂
Use the Secure Login extension in Firefox, and the passwords you store in the Password Manager will be a lot better protected. It’s not perfect, but it helps.
(That said, I only use the Password Manager for sites that aren’t really important. For important sites, I use a separate password program.)