Passwords
Results 1 to 14 of 14

Thread: Passwords

  1. #1
    JLS is offline Virtual PC Specialist!!!
    Join Date
    Apr 2002
    Posts
    3,708

    Passwords

    I just use 2-3 different passwords for all of the websites/accounts that I have to log into online. Is using a password manager program/tool a good choice to use and is it safe? My logic is that if someone cracks into your password manager then he/she has all your passwords to all your accounts. What is the best route to take regarding passwords to reduce the likelihood that someone may retrieve them, especially, if you have some many accounts that require passwords?

  2. #2
    Join Date
    Apr 2000
    Location
    Sheboygan, WI
    Posts
    53,392
    I have about 10 and by using the user name and passwords daily, I have no trouble recalling them.

  3. #3
    Join Date
    Feb 2000
    Location
    Idaho Falls, Idaho, USA
    Posts
    18,063
    Re-using passwords for multiple accounts is not a good idea. If that account gets hacked, your other accounts that use that password are also at risk.

    Best idea: Use different passwords and memorize them.

    Second best, if you have too many accounts: Use a password manager that stores the passwords ONLY on a USB flash drive or local drive in an encrypted file. Then you only need to remember one password.

  4. #4
    JLS is offline Virtual PC Specialist!!!
    Join Date
    Apr 2002
    Posts
    3,708
    JDC2000, so I would have to have the flash drive connected at all times since I would be logging into my different accounts daily? I have firefox save and remember some of my passwords so I don't have to physically type them when logging into the sites. Is that not a good idea, as well?

  5. #5
    Join Date
    Feb 2000
    Location
    Idaho Falls, Idaho, USA
    Posts
    18,063
    Storing passwords on a flash drive is a solution when you move from computer to computer. If you only use one computer, you can store the encrypted file on the hard drive.

    Web browsers are not known for their security, so having them store your passwords may not be the best idea.

  6. #6
    JLS is offline Virtual PC Specialist!!!
    Join Date
    Apr 2002
    Posts
    3,708
    JDC2000, would I have to unencrypt the password file before logging into a website? Can you suggest a good password manager program?

  7. #7
    HAN's Avatar
    HAN is offline Virtual PC Specialist!!!
    Join Date
    Feb 2002
    Location
    USA
    Posts
    4,319
    First, I agree that unique, lengthy, highly random passwords are the best way to avoid problems on the web. I never reuse passwords.

    Second, I am a firm believer in proven password managers. I trust the technology they use. (Some people don't and that's ok.) https://en.wikipedia.org/wiki/Password_manager https://en.wikipedia.org/wiki/List_of_password_managers https://en.wikipedia.org/wiki/Compar...sword_managers

    As strong of a fan of password managers as I am, I have no confidence in allowing browsers to manage my passwords. If one allows the browser to manage passwords, your passwords are available to any other user on that device. Plus, if one thinks about it, there is no software attacked by malware more than internet browsers. Not a safe space IMO.

    What password managers do I trust??

    If you want complete control over your passwords and never want them to leave your home/work, you might consider KeePass. It's free and well tested. We use it at work everyday. http://keepass.info/ You can sync KeePass databases using the web but it's not as smooth as others made to cloud sync automatically. You do NOT have to sync KeePass to use it. (Although I would keep backup copies.)

    If cloud syncing and having your passwords available everywhere you use a device appeals to you, you might consider something like LastPass https://www.lastpass.com/ Again, to use something like LastPass, you have to trust the technology and the company. LastPass stores an encrypted version of your passwords in the cloud and automatically syncs them each time you open LastPass on a device. (In the interest of full disclosure, LastPass is now a division of LogMeIn. And, over the last few years, LastPass has had some security related anomalies they've reported to their users. But, I am not aware of any one having their passwords stolen.) If you use a good strong master password, the encryption of, and handling of one's LastPass database has proven to be very safe. I use it all the time.

    There are a couple of other password managers I'd consider if I weren't using LastPass and KeePass. Dashlane https://www.dashlane.com/ is supposed to be a very good competitor of LastPass and if you are Apple centric, 1Password https://1password.com/ would be worth a look.

  8. #8
    Join Date
    Feb 2000
    Location
    Idaho Falls, Idaho, USA
    Posts
    18,063
    The password manager does the unencrypting of the password file.

    KeePass or maybe 1Password would be password managers to look at.

  9. #9
    JLS is offline Virtual PC Specialist!!!
    Join Date
    Apr 2002
    Posts
    3,708
    Han, thanks for all the info. I will look into those password managers you suggested. JDC2000, do you use a password manager or do you just remember the passwords you choose for all your account?

  10. #10
    Join Date
    Feb 2000
    Location
    Idaho Falls, Idaho, USA
    Posts
    18,063
    I memorize my passwords, which makes them tough to hack, at least with today's technology. However, I do plan to experiment with both KeePass and 1Password to see if the might be usable for my needs.

  11. #11
    HAN's Avatar
    HAN is offline Virtual PC Specialist!!!
    Join Date
    Feb 2002
    Location
    USA
    Posts
    4,319
    Forgot to mention that I have over 350 passwords that must be complex and unique. LOL! I really have no choice but to use a password manager.

  12. #12
    JLS is offline Virtual PC Specialist!!!
    Join Date
    Apr 2002
    Posts
    3,708
    HAN, 350 passwords? Wow. Have you tried numerous password managers and feel KeePass is the best and safest, since that is the one you use? I have never used a password manager before. The passwords aren't stored in the cloud?

  13. #13
    HAN's Avatar
    HAN is offline Virtual PC Specialist!!!
    Join Date
    Feb 2002
    Location
    USA
    Posts
    4,319
    I've tried 3 for me. 1 for someone else. LastPass, KeePass, Password Safe for me. 1Password was involved when I helped someone else set up their iPhone.

    I only considered these because they have been around for a long time and are well tested by users and a few pros (like Tavis Ormandy https://en.wikipedia.org/wiki/Tavis_Ormandy ) All 4 programs are very much alive and being actively developed.

    I mostly use LastPass but as I noted, it is a cloud synced program at it's core. As for KeePass, it and Password Safe are similar but I think KeePass is more user friendly and more fully fleshed out. You can use various methods to sync KeePass with more than one device but "out of the box", it's a stand alone program with no syncing. We use KeePass at work all the time.

    If you have never used a password manager, give KeePass a try for a few passwords. It's a good place to start and you won't have any "cloud" concerns to deal with unless you want to try that later.

  14. #14
    JLS is offline Virtual PC Specialist!!!
    Join Date
    Apr 2002
    Posts
    3,708
    Han, thanks for all that advice. I appreciate it. I might give KeePass a try.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •