[ARCHIVED THREAD] - Password keepers (Page 1 of 2)
Posted: 3/16/2017 11:07:02 AM EDT
|
My idiot savant like numeric recall can no longer keep up with the quantity and complexity of passwords required. What password keeper is regarded highest these days (ease of use, trustworthiness, cross platform capabilities, etc)?
LastPass was often touted as the best last I had heard. Still true? What do you use and like? ETA: I use PCs and iPhones. |
|
Can somebody explain to me how something like this is secure? Say I have lastpass and it saves all of my passwords to a server. Now a potential hacker needs only 1 username and password to gain access to all of my banking, email, social media, etc accounts.
That sounds like a very, very, bad idea. |
|
I use KeyPass, but the general consensus is that LastPass is an easier program.
http://www.ar15.com/forums/t_1_5/1912135_-ARCHIVED-THREAD----Password-managers-for-older-folks.html&page=1 |
|
I use "premium" Lastpass + authenticator.
Only for the plethora of bullshit logins I have, they got "cracked" a few months ago by I think a Twitter spoof or something like that. meh whatever. everything that matters is on paper, no where else, and gets changed from a different computer than the daily driver. I do not bank online. |
|
I use KeePass and have for the last five or ten years.
I'm not willing to let someone else keep my passwords. I do email my AES 256 encrypted database to myself at work and at Gmail so it is available. Since it's so easy both my user name and passwords are complex strings of gibberish as long as they permit. |
|
Quoted:
Use passphrases instead of passwords so you can remember them. Don't use any cloud based password keeper. Example: "Dildo123" is essentially 4 "digits" ( Dildo +1+ 2 +3) "AnyThingIsADildoIfYoureBraveEnough" takes way longer to type, but is essentially still only 9 "digits" and is still easily solved via dictionary attack. |
|
Quoted:
Can somebody explain to me how something like this is secure? Say I have lastpass and it saves all of my passwords to a server. Now a potential hacker needs only 1 username and password to gain access to all of my banking, email, social media, etc accounts. That sounds like a very, very, bad idea. |
|
Quoted:
Waiting on someone to answer this... Quoted:
Quoted:
Can somebody explain to me how something like this is secure? Say I have lastpass and it saves all of my passwords to a server. Now a potential hacker needs only 1 username and password to gain access to all of my banking, email, social media, etc accounts. That sounds like a very, very, bad idea. |
|
Quoted:
You use a very strong, unique password and do your best to make sure you're not vulnerable to a MITM attack. Quoted:
Quoted:
Quoted:
Can somebody explain to me how something like this is secure? Say I have lastpass and it saves all of my passwords to a server. Now a potential hacker needs only 1 username and password to gain access to all of my banking, email, social media, etc accounts. That sounds like a very, very, bad idea. MITM attacks are still a weakness. A thumb drive with encryption is another possibility. |
|
I use Password Safe, originally written by Bruce Schneier (creator of the Blowfish, Twofish and Threefish ciphers). You can create your own encrypted file that contains all your usernames, passwords and associated data for each account. You can save it locally. However, I save mine in the root of my Google Drive directory. That way, I install Password Safe on my home and work computers and open up the Google Drive location.
The file lives with Google, but it's encrypted so Google can't do anything with it. So I still maintain full control of the file and don't have to depend on a cloud service to protect my login. If Google Drive gets hacker, the attackers only get my encrypted file. Password Safe Android App |
|
Quoted:
Been using 1Password for 14 months. Used RoboForm and LastPass in the past, all are good. I'm never without my phone so keeping everything on my phone works for me. |
|
I use a password protected word doc on my one drive / google drive. I literally have about 30 accounts that require all kinds of different passwords. Password protection on a word doc basically encrypts the file.
It works great until you need to access your password list from a computer that doesn't have a full office install though. |
|
Quoted:
3X5 cards in my pocket. One is taped to my cpu on the desk. Go ahead, try to use them, there are no identifying links to numerous accounts. Completely secure air gaps to everything. |
|
Quoted:
Can somebody explain to me how something like this is secure? Say I have lastpass and it saves all of my passwords to a server. Now a potential hacker needs only 1 username and password to gain access to all of my banking, email, social media, etc accounts. That sounds like a very, very, bad idea. |
|
Quoted:
I use Password Safe, originally written by Bruce Schneier (creator of the Blowfish, Twofish and Threefish ciphers). You can create your own encrypted file that contains all your usernames, passwords and associated data for each account. You can save it locally. However, I save mine in the root of my Google Drive directory. That way, I install Password Safe on my home and work computers and open up the Google Drive location. The file lives with Google, but it's encrypted so Google can't do anything with it. So I still maintain full control of the file and don't have to depend on a cloud service to protect my login. If Google Drive gets hacker, the attackers only get my encrypted file. Password Safe Android App |
|
Quoted:
Can somebody explain to me how something like this is secure? Say I have lastpass and it saves all of my passwords to a server. Now a potential hacker needs only 1 username and password to gain access to all of my banking, email, social media, etc accounts. That sounds like a very, very, bad idea. it has hashed and salted versions of your passwords, which can't be used to reverse engineer your actual password |