Whenever you hit the MultiLogin button Chrome starts a completely clean browser tab that is not related in any way to what is going on in any other tabs. It takes care of the problem of the browser trying to cache your login information and state in cookies. The final piece of the puzzle is the Chrome plugin MultiLogin. By default KeePass will not just serve up the login information, you have to approve it from a prompt displayed by KeePass. If several entries match you get a list to choose from. chromePass connects to KeePassHttp and retrieves the login information from the KeePass database that matches the URL of the site you are visiting. KeePassHttp together with the Chrome extension chromePass completes this setup by serving up the necessary login information based on URL. Authorization is controlled in KeePass and is thus protected by the KeePass master password and any other factors you may have chosen. It creates a local HTTP endpoint that authorized clients can talk to. One of my favorite plugins is KeePassHttp, which exposes password entries securely over HTTP. I mentioned that KeePass has great plugin support. KeePass lets me generate long, complex passwords easily so I never (ever) reuse passwords anywhere. I keep my KeePass databases in a cloud storage account protected with Multi-Factor Authentication (MFA). I choose KeePass 2 because it has good encryption (AES-256), great multi-platform support, lots of plugins, good security features like automatic workspace lock, is open-source and free. I keep all my login information secure in a KeePass 2 database. It has the features I need, simple as that. The Browserįor me Google Chrome works best. And not only that but at the same time that i want to operate as myself. But we are not end users are we…? For me all this caching is very inconvenient when I need to be someone other than my own identities, which is all the time. All in an effort to make it easy for an end user to get to his stuff quickly. As you all know browsers try to make life easy for their users, and therefore they cache a lot of information, including logins, cookies and AuthN tokens (these are cookies too). The tool I use most to interact with these services is the web browser. That means many, many different user accounts to keep track of. I spend my time working with public cloud services for a large number of organizations.
0 Comments
Leave a Reply. |