How Secure Is Opera Password Manager?

Discussion in 'privacy technology' started by LockBox, Sep 1, 2009.

Thread Status:
Not open for further replies.
  1. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I just downloaded the new Opera 10 browser and am curious about the "Password Manager" feature which was formally known as "Wand". It's actually very well done, but I can't find any information on the security of the feature. It requires a "Master Password" every so often to access the password manager and - I am assuming - that the master password is using some kind of encryption to access the Password Manager database, but I can't find any information.

    Any Opera users here who might be able to shed some light?

    Thanks!
     
  2. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    From what I understand it is quite secure. Read more about it here.
     
  3. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I'm quite comfortable with 3DES for that.
    Thanks, Nate!
     
  4. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Is there something similar to this and equally as secure for FF and Iron? Thanks.
     
  5. Bensec

    Bensec Registered Member

    Joined:
    Aug 4, 2008
    Posts:
    177
    Location:
    China Changsha
    FF remembers your password but that thing leaks privacy. It shows which sites you have logged on. Of course most people wouldn't bother, cauz there is nothing to hide. FF also supports mast password authentication between sessions to enhance protection. :) The point of a master password is to protect you in case someone use your browser to gain access to accounts.

    Another thing wand users must pay attention to is to give a monthly review of all the passwords to make sure you DO remember the passwords even if a browser failed or when you have to logon from some where else. If you dont trust online password storage like me and only store passwords locally, do the review. Or if the browser profile is lost or corrupted, the passwords will be gone for good.
     
    Last edited: Sep 2, 2009
  6. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    So if this has privacy issues what other password manager would you suggest? How exactly does it leak privacy anyway? Does it show sites you've logged on to to other uses of your computer/account or to other websites you visit or what? Thanks.
     
  7. Bensec

    Bensec Registered Member

    Joined:
    Aug 4, 2008
    Posts:
    177
    Location:
    China Changsha
    how it leaks:
    111.JPG

    I just dont store pws on pr0n sites. I think that's enough. I use password keeper because my passwords tends to be long and difficult to input on business sites but they are easy to remember. And some sites have good download resources but they just ask you to signin. I use password keeper on them too. For those sites, their links are nothing sensitive.
    Anyway one cant rely on his pw keeper too much. They are not portable or they are likely to fail and their database are easy to corrupt. What they do is just to help you INPUT SOME password, not all of them.;)

    hi, here is an interesting firefox addon
    https://addons.mozilla.org/en-US/firefox/addon/1033
    I tried it once but failed to adapt to it. But the idea behind it is very promising. It uses your master password to hash the domain you visit and offer you different passwords for different domains. It doesnt store pws.
     
    Last edited: Sep 2, 2009
  8. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    So wait what you're saying is that the built in pass word manager in FF leaves information on the clip board which can be logged by a clipboard logger? Is this it?

    Is wand in Opera more secure? What about Secure Login for ff?

    PwdHash indeed looks very promising.
     
  9. Bensec

    Bensec Registered Member

    Joined:
    Aug 4, 2008
    Posts:
    177
    Location:
    China Changsha
    Nop. signons3.txt is in your firefox profile folder. Yep, domains are saved in clear text, while passwords are encrypted.

    I am not sure. I havent used them before. But one must remeber the password and check periodically to make sure the passwords wont be gone forever if one day these plugins screwed up.
     
  10. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Alright thanks BenSec!
     
Loading...
Thread Status:
Not open for further replies.