2009年8月11日星期二

【权利:2465】 计算机密码安全建议 不要保存密码自动登录

和密码保护有关的安全建议:
  1. 重要的帐号,不要设置保存密码自动登录。文[1]中指出了这种方式的不安全性,但他推测的理由是不准确的。这是因为存贮的密码很容易从软件界面和不够安全的本地存贮数据中截取,比如采用网站[2]提供的软件工具。
  2. 浏览器中,Outlook Express, Office Outlook, gtalk, msn, skype 等都不要自动登录。如果要让浏览器记住密码,Firefox 可以设置一个主密码来加密保存的网站登录密码。
  3. Thunderbird 如果设置自动登录,必须设置主密码 (master password) 将密码加密保存。
  4. 特别需要安全的场合,可以点击 开始 / 运行,输入 osk.exe 运行 On-Screen Keyboard 屏幕键盘, 用鼠标点击屏幕键盘输入密码,并在输入过程中不断移动键盘窗口,使得鼠标动作更复杂。可以密码的部分键用鼠标输入,部分用键盘输入。这样只有同时监视键盘和鼠标屏幕动作的木马,才能截取你的密码。
  5. 如果有很多密码难记,可以用 keepass 密码备忘软件加密保存。用于加密保存密码备忘录的主密码可以用 OSK 屏幕键盘方式输入,更安全。keepass 也带屏幕键盘插件。
[1] MSN和Gtalk的本地密码存在严重漏洞; 2008-9-21 12:23:9; http://www.williamlong.info/archives/1506.html
Asterisk Logger: Reveal/recover password behind asterisks (***)
If you want to reveal a password stored behind asterisks in a Pocket PC device, you may try the PocketAsterisk and RemotePocketAsterisk utilities. ...
www.nirsoft.net/utils/astlog.html

PasswordFox - Reveal the user names/passwords stored in Firefox
PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. ...
www.nirsoft.net/utils/passwordfox.html

WirelessKeyView: Recover lost WEP/WPA key/password stored by ...
Network Password Recovery - Recover Windows XP/Vista network passwords ... Be aware that this utility can only reveal the network keys stored by Windows ...
www.nirsoft.net/utils/wireless_key.html

AsterWin IE v1.03 - Reveal asterisk passwords in Internet Explorer
This utility reveals the passwords stored behind the asterisks in the web pages ... Explorer windows, and the password will be revealed after a few seconds. ...
www.nirsoft.net/utils/asterie.html

Netscapass v2.03
This utility can reveal the stored mail password (POP3 server password) for Netscape Communicator 4.x, Netscape 6.x and Netscape 7. It can also reveal the ...
www.nirsoft.net/utils/netscapass.html

IE PassView - Internet Explorer Password Viewer
Opera Password Recovery Master: Shareware tool that recover Opera Passwords. PasswordFox - Reveal the passwords stored in Firefox. ...
www.nirsoft.net/utils/internet_explorer_password.html

Protected Storage PassView v1.63: Recover Protected Storage passwords
The passwords are revealed by reading the information from the Protected ... strings stored in Internet Explorer, not only the AutoComplete password, ...
www.nirsoft.net/utils/pspv.html

AsterWin v1.20
Asterwin also cannot reveal the passwords in Internet Explorer Web pages, Because they are stored in different way than in other applications. if you want ...
www.nirsoft.net/utils/asterwin.html

NirSoft - freeware utilities: password recovery, system utilities ...
Network Password Recovery - Freeware utility that recovers the network passwords stored by Windows XP (Credentials file). Asterisk Logger - Reveal the ...
www.nirsoft.net/

3.01 PADGen 3.0.1.35 http://www.padgen.org Portable Application ...
This utility can reveal the passwords stored behind the asterisks in standard password text-boxes. Many applications, like CuteFTP, VNC, IncrediMail, ...
www.nirsoft.net/pad/astlog.xml

Dialupass: Recover lost dialup/RAS/VPN password in Windows XP/Vista/9x
Although the password is constantly stored in your computer, ... the Dialupass utility can reveal the Dial-Up passwords only if you are logged on with ...
www.nirsoft.net/utils/dialupass2.html

2.01 PADGen 2.0.1.22 http://www.padgen.org Portable Application ...
The passwords are revealed by reading the information from the Protected ... that reveals the passwords stored on your computer by Internet Explorer, ...
www.nirsoft.net/pad/pspv.xml

Win9x PassView v1.1
Description. The Win9x PassView utility reveals the passwords stored on your computer by Windows 95/98 operating system. It can reveal 4 types of passwords: ...
www.nirsoft.net/utils/win9xpv.html

Revealing the passwords behind asterisks in Internet Explorer
The following source code reveals the passwords stored behind the asterisks ... If IsPasswordBox(objElement) Then 'We found a password-box, so we reveal it ...
www.nirsoft.net/vb/reveal_ie_asterisk_passwords.html

Freeware Tools and System Utilities for Windows
This utility reveals the passwords stored on your computer by Internet Explorer, Outlook Express and POP3 accounts of MS-Outlook. The passwords are revealed ...
www.nirsoft.net/utils/index.html

Mail PassView: Password recovery for Outlook, Outlook Express ...
Added support for Gmail passwords stored by Google Desktop. 23/06/2006, 1.36. Fixed bug: Mail PassView didn't show Netscape/Thunderbird accounts when using ...
www.nirsoft.net/utils/mailpv.html

Password Recovery Tools for Windows
By default, PasswordFox displays the passwords stored in your current ... It can recover 2 of passwords: password stored for the current logged-on user ...
www.nirsoft.net/password_recovery_tools.html

Visual Basic Code Snippets and Utilities
This small utility reveals the passwords stored behind the asterisks in the web pages of Internet Explorer 5.0 and above. ...
www.nirsoft.net/vb/

--
许志永被黑帮绑架 http://tr.im/vxqH

--~--~---------~--~----~------------~-------~--~----~

★★北京益仁平中心http://www.yirenping.org★★公益法律人http://www.gyflr.org
★★北京忆通律师事务所(李劲松律师,李苏滨律师)http://www.bj580.com
★★伯阳法律援助网(常伯阳律师)http://www.by148.com
★★中国人权维基 Chinese Human Rights Wiki http://www.changkun.org/wiki

★★《权利》电子邮件网络非常鼓励具有行动力的文章供大家分享和引起支持!

1,所有帖子没有注明"不可转载"的,一律可以转载;转发本邮件成员文章,请注明"转自《权利》http://groups.google.com/group/ChinaRights"。
2,《权利》公共发言,请发电子邮件到 ChinaRights@googlegroups.com
3,要退订此论坛,请发邮件至 ChinaRights-unsubscribe@googlegroups.com
4,群发邮件,慎重发言,文明用语,切忌只言片语不明不确!
5,备份查询:http://chinarights2.blogspot.com
6,联系:gongchangbeijing@gmail.com
-~----------~----~----~----~------~----~------~--~---

没有评论: