Inspired by the recent issue with the Gawker network sites, I've been re-evaluating my password management. What strategies do you use to keep passwords safe? I'm particularly interested in software-based solutions available for Ubuntu, but any interesting ideas should be shared. Bonus points for solutions which are available on Android as well.
There is one called Password Card, http://www.passwordcard.org/en it is not a software but is very secure... :)
I use KeePassX, which is open source and free. There is an Android port, as well. I haven't spent too much time investigating alternatives, but this one does auto-type and it's in the standard Ubuntu repository. It's a desktop client, not a browser plug-in.
I use Dropbox for backup/sync of the main passwords file.
I'm presently a user of lastpass premium which is a browser plugin, and also works on all symbian/android/iOS/Major OS.
To quote their website:
Great service so far with no issues.You can get your own account and more information by visiting lastpass.com
If you can spare some time and effort you could use a plain text file encrypted with GnuPG stored with any of the many remote sync/backup services, or just on a server where you have SSH access (or even plain http). Such a combination is guaranteed to be cross-platform, free and last a long time.
On Android it can be accessed easily then decrypted with APG.
If you use Firefox, its Sync facility also works on Android, it's really neat.
Lastpass does look quite convenient and affordable, thanks for sharing that, lazyPower.
re: LastPass..."Its the last password you'll ever have to remember. It has form auto-fill, auto-login, its free, cross platform, its everywhere, its secure."
Period.
Re-install your OS, plugin LastPass, login to it and you have ALL your passwords.
It's the first thing I install after the OS.
I currently use LastPass, but I was previously happy with Clipperz. Clipperz is less integrated, but still has some nice features. You can export Clipperz to an html file and open it locally so that you can use it offline. All the encryption/decrytpion is done on your machine, so passwords and data are never transmitted unencrypted. It also supports one-time passphrases. Very handy, just don't forget your password like I did, since there are 0 password recovery options.