I'm trying out a combination of Dropbox and Keepass for keeping my passwords in. That way I can use the password generation routines in Keepass, and have different passwords for everything.
I know it's possibly a bit silly to put the Keepass file in Dropbox, but the password on the Keepass file would be a right bugger to break, and my Dropbox password is pretty good, too.
Once you get stuff set up it's not bad. And way safer. Here is a shot of their page about it.
you go to www.google.com/accounts to set it up - that's where you'd do it if you can get it.
Hmm - I use one strong password for sites/things that are anything to do with money stuff, because I am incapable of remembering more than one strong password :$
I would like an app on my laptop, PC and Android that would let me easily store and sync (and generate new ones when registering for sites) passwords. That would be good. Does keypass do this?
I know it was sarcastic. I was being dumb.
They should know better and I hope they pay for it!
Can't be any worse than Sony! :-&
At least LastPass encrypts my stuff!
Self-certification (wrong term, but I can't think of the right one at the moment) can only be done by smaller companies who handle a smaller number of transactions every year. Large companies have to be audited by a certified QSA.
The only problem is that the actual requirements in PCI DSS are a bit vague in places, and what you need to do to achieve compliance depends on the interpretation of the QSA. Sony's lawyers will just end up saying that they were compliant so long as you squint at it from the right angle.