How Secure Is Opera Password Manager?

I just downloaded the new Opera 10 browser and am curious about the "Password Manager" feature which was formally known as "Wand". It's actually very well done, but I can't find any information on the security of the feature. It requires a "Master Password" every so often to access the password manager and - I am assuming - that the master password is using some kind of encryption to access the Password Manager database, but I can't find any information.

Any Opera users here who might be able to shed some light?

Thanks!

 

From what I understand it is quite secure. Read more about it here.

 

I'm quite comfortable with 3DES for that.
Thanks, Nate!

 

Is there something similar to this and equally as secure for FF and Iron? Thanks.

 

FF remembers your password but that thing leaks privacy. It shows which sites you have logged on. Of course most people wouldn't bother, cauz there is nothing to hide. FF also supports mast password authentication between sessions to enhance protection. The point of a master password is to protect you in case someone use your browser to gain access to accounts.

Another thing wand users must pay attention to is to give a monthly review of all the passwords to make sure you DO remember the passwords even if a browser failed or when you have to logon from some where else. If you dont trust online password storage like me and only store passwords locally, do the review. Or if the browser profile is lost or corrupted, the passwords will be gone for good.

 

So if this has privacy issues what other password manager would you suggest? How exactly does it leak privacy anyway? Does it show sites you've logged on to to other uses of your computer/account or to other websites you visit or what? Thanks.

 

how it leaks:


I just dont store pws on pr0n sites. I think that's enough. I use password keeper because my passwords tends to be long and difficult to input on business sites but they are easy to remember. And some sites have good download resources but they just ask you to signin. I use password keeper on them too. For those sites, their links are nothing sensitive.
Anyway one cant rely on his pw keeper too much. They are not portable or they are likely to fail and their database are easy to corrupt. What they do is just to help you INPUT SOME password, not all of them.

hi, here is an interesting firefox addon
https://addons.mozilla.org/en-US/firefox/addon/1033
I tried it once but failed to adapt to it. But the idea behind it is very promising. It uses your master password to hash the domain you visit and offer you different passwords for different domains. It doesnt store pws.

 

So wait what you're saying is that the built in pass word manager in FF leaves information on the clip board which can be logged by a clipboard logger? Is this it?

Is wand in Opera more secure? What about Secure Login for ff?

PwdHash indeed looks very promising.

 

Nop. signons3.txt is in your firefox profile folder. Yep, domains are saved in clear text, while passwords are encrypted.

I am not sure. I havent used them before. But one must remeber the password and check periodically to make sure the passwords wont be gone forever if one day these plugins screwed up.

 

Alright thanks BenSec!