Here is a series of white papers on password management: http://www.securitydocs.com/Authentication/Passwords

I think the "right" approach would be to use utilities that can handle files compatible with "password safe". It is the de facto standard that seems to me the most secure and the most active. The problem is that there is no command-line utility for *nix that supports the latest version (v3). Otherwise, Password Gorilla (GUI) and pwsafe (CLI, but does not support v3 and has no interactive interface) are both excellent. -- TheAnarcat 2008-03-17 17:24:28

THE criterion for adding a new option to the list:

See also 57612 for the replacement of the current password manager, where we add the criteria:

A good personal password practice is described on the GestionDesMotDePasse page.

This list is not sorted; entries are generally added at the end as they come.

CLI + GUI

These tools offer both a command-line interface and a graphical user interface (GUI).

impass

https://salsa.debian.org/debian/impass

Used to be called "assword", but the name was changed. The previous project page was http://finestructure.net/assword

passbolt

https://www.passbolt.com/

kedpm

kedpm, a replacement for the Figaro Password Manager, which is Gnome-only. Koumbit now hosts the git repositories for this project, see the redmine project.

SFL Vault

https://projects.savoirfairelinux.com/projects/sflvault/wiki

See SflVault for our own docs on this.

Counterpane's password safe

Password Safe, originally written by Bruce Schneier, Windows-only. Open sourced in 2013, and a Linux beta is now available.

CLI

Only through the commandline.

password-store

http://zx2c4.com/projects/password-store/

keyringer

https://git.sarava.org/?p=keyringer.git;a=summary https://support.mayfirst.org/wiki/faq/admin/keyringer

gpg

Good old GPG can be used, and is a very common password manager. Use gpg to encrypt a file, share the file, done. Can be opened with Emacs' EPA mode and gnupg-symmetric.vim.

pwd.sh

https://github.com/stef/pwd.sh

Simple shell script to store passwords in a GPG file. Also generates passwords based on browser's window titles...

Stanford's Wallet

http://www.eyrie.org/~eagle/software/wallet/

The wallet is a system for managing secure data, authorization rules to retrieve or change that data, and audit rules for documenting actions taken on that data. Objects of various types may be stored in the wallet or generated on request and retrieved by authorized users. The wallet tracks ACLs, metadata, and trace information. It is built on top of the remctl protocol and uses Kerberos GSS-API authentication. One of the object types it supports is Kerberos keytabs, making it suitable as a user-accessible front-end to Kerberos kadmind with richer ACL and metadata operations.

SPD

http://spd.sourceforge.net/

Encrypts to multiple GPG keys and provides a sensible interface. Aims to support SVN server deployment. Interesting for "all workers" passwords...

However, the interface sucks: it's just plain text file editing, and the --add parameter (to add a password) doesn't really work. I also couldn't figure out the syntax of the password file so that my passwords show up properly.

pwsafe

pwsafe: a unix utility, commandline (but can copy to X11 clipboard), compatible with password safe (and emacs :) )

Introduction

cpm

cpm, a commandline password manager

pwman

pwman, with a text interface

pwman3

Yapet

Ncurses-based, minimal dependencies.

http://www.guengel.ch/myapps/yapet/

Simsafe

Trocla

https://github.com/duritong/trocla

recutils

https://www.gnu.org/software/recutils/

Blackbox

https://github.com/StackExchange/blackbox

License: MIT

pysswords

https://github.com/marcwebbie/pysswords

KeepassC

A curses-based CLI implementation of KeepassX that is compatible with Keepass 1.x and KeepassX databases. This software was not tested by anyone from Koumbit yet.

https://raymontag.github.io/keepassc/

pwstore

"a tool to maintain a GnuPG encrypted password store". Not tested at Koumbit yet.

https://github.com/weaselp/pwstore/

GUI

Those are GUI-based only.

KeePass

http://keepass.info/download.html

KeePassX

http://www.keepassx.org/

KeePassXC

https://keepassxc.org/

Fork of KeePassX that fixes a bunch of things, makes interactions with the database faster and pushes forward discussion and development.

password gorilla

Revelation

gnu keyring

For Palms. http://gnukeyring.sourceforge.net/

gpass

A Gnome password manager

MyPasswordSafe

http://www.semanticgap.com/myps/ PasswordSafe-compatible, in theory. Linux GUI.

PWS

Web based

Those are completely web-based.

Mitro

https://www.mitro.co/ - online, owned by Twitter and recently (2014) open-sourced.

ClipperZ

http://www.clipperz.com/ is an online, zero-knowledge service that has been released under the AGPL, on GitHub - because Google refuses AGPL projects (!!).

Update: server side is "for educational purposes only" and has security issues, so basically unusable. -- TheAnarcat 2015-08-05 10:36:13

Corporate vault

http://sourceforge.net/projects/corporatevault/

Team pass

http://www.teampass.net/

Mortimer

https://github.com/aiaio/mortimer

w3pw

Web based, PHP, MySQL.

http://w3pw.sourceforge.net/

duse

http://duse.io/

Has an interesting theoretical paper: https://github.com/duse-io/seminar-paper

Certainly zero-knowledge, but seems to have only one author, a little academic...

vault

https://vaultproject.io/ - from the Vagrant people

Not sure it's zero-knowledge, but it supports LDAP authentication and seems generally well designed.

Vaultier

https://www.vaultier.org/

https://www.vaultier.org/features/

https://www.vaultier.org/install/

Others

zxcvbn

A good estimator of password quality:

https://github.com/dropbox/zxcvbn

PasswordManagementService/SoftwareComparison (last edited 2019-03-08 08:33:18 by TheAnarcat)