-
January 30th, 2017, 01:16 AM
#1
Passwords
I just use 2-3 different passwords for all of the websites/accounts that I have to log into online. Is using a password manager program/tool a good choice to use and is it safe? My logic is that if someone cracks into your password manager then he/she has all your passwords to all your accounts. What is the best route to take regarding passwords to reduce the likelihood that someone may retrieve them, especially, if you have some many accounts that require passwords?
-
January 30th, 2017, 10:42 AM
#2
I have about 10 and by using the user name and passwords daily, I have no trouble recalling them.
-
January 30th, 2017, 11:35 AM
#3
Re-using passwords for multiple accounts is not a good idea. If that account gets hacked, your other accounts that use that password are also at risk.
Best idea: Use different passwords and memorize them.
Second best, if you have too many accounts: Use a password manager that stores the passwords ONLY on a USB flash drive or local drive in an encrypted file. Then you only need to remember one password.
-
January 30th, 2017, 07:03 PM
#4
JDC2000, so I would have to have the flash drive connected at all times since I would be logging into my different accounts daily? I have firefox save and remember some of my passwords so I don't have to physically type them when logging into the sites. Is that not a good idea, as well?
-
January 30th, 2017, 07:45 PM
#5
Storing passwords on a flash drive is a solution when you move from computer to computer. If you only use one computer, you can store the encrypted file on the hard drive.
Web browsers are not known for their security, so having them store your passwords may not be the best idea.
-
January 31st, 2017, 12:12 AM
#6
JDC2000, would I have to unencrypt the password file before logging into a website? Can you suggest a good password manager program?
-
February 1st, 2017, 01:30 PM
#7
First, I agree that unique, lengthy, highly random passwords are the best way to avoid problems on the web. I never reuse passwords.
Second, I am a firm believer in proven password managers. I trust the technology they use. (Some people don't and that's ok.) https://en.wikipedia.org/wiki/Password_manager https://en.wikipedia.org/wiki/List_of_password_managers https://en.wikipedia.org/wiki/Compar...sword_managers
As strong of a fan of password managers as I am, I have no confidence in allowing browsers to manage my passwords. If one allows the browser to manage passwords, your passwords are available to any other user on that device. Plus, if one thinks about it, there is no software attacked by malware more than internet browsers. Not a safe space IMO.
What password managers do I trust??
If you want complete control over your passwords and never want them to leave your home/work, you might consider KeePass. It's free and well tested. We use it at work everyday. http://keepass.info/ You can sync KeePass databases using the web but it's not as smooth as others made to cloud sync automatically. You do NOT have to sync KeePass to use it. (Although I would keep backup copies.)
If cloud syncing and having your passwords available everywhere you use a device appeals to you, you might consider something like LastPass https://www.lastpass.com/ Again, to use something like LastPass, you have to trust the technology and the company. LastPass stores an encrypted version of your passwords in the cloud and automatically syncs them each time you open LastPass on a device. (In the interest of full disclosure, LastPass is now a division of LogMeIn. And, over the last few years, LastPass has had some security related anomalies they've reported to their users. But, I am not aware of any one having their passwords stolen.) If you use a good strong master password, the encryption of, and handling of one's LastPass database has proven to be very safe. I use it all the time.
There are a couple of other password managers I'd consider if I weren't using LastPass and KeePass. Dashlane https://www.dashlane.com/ is supposed to be a very good competitor of LastPass and if you are Apple centric, 1Password https://1password.com/ would be worth a look.
-
February 1st, 2017, 01:57 PM
#8
The password manager does the unencrypting of the password file.
KeePass or maybe 1Password would be password managers to look at.
-
February 2nd, 2017, 02:40 AM
#9
Han, thanks for all the info. I will look into those password managers you suggested. JDC2000, do you use a password manager or do you just remember the passwords you choose for all your account?
-
February 2nd, 2017, 01:31 PM
#10
I memorize my passwords, which makes them tough to hack, at least with today's technology. However, I do plan to experiment with both KeePass and 1Password to see if the might be usable for my needs.
-
February 2nd, 2017, 03:13 PM
#11
Forgot to mention that I have over 350 passwords that must be complex and unique. LOL! I really have no choice but to use a password manager.
-
February 5th, 2017, 03:58 PM
#12
HAN, 350 passwords? Wow. Have you tried numerous password managers and feel KeePass is the best and safest, since that is the one you use? I have never used a password manager before. The passwords aren't stored in the cloud?
-
February 8th, 2017, 05:29 PM
#13
I've tried 3 for me. 1 for someone else. LastPass, KeePass, Password Safe for me. 1Password was involved when I helped someone else set up their iPhone.
I only considered these because they have been around for a long time and are well tested by users and a few pros (like Tavis Ormandy https://en.wikipedia.org/wiki/Tavis_Ormandy ) All 4 programs are very much alive and being actively developed.
I mostly use LastPass but as I noted, it is a cloud synced program at it's core. As for KeePass, it and Password Safe are similar but I think KeePass is more user friendly and more fully fleshed out. You can use various methods to sync KeePass with more than one device but "out of the box", it's a stand alone program with no syncing. We use KeePass at work all the time.
If you have never used a password manager, give KeePass a try for a few passwords. It's a good place to start and you won't have any "cloud" concerns to deal with unless you want to try that later.
-
February 10th, 2017, 06:25 PM
#14
Han, thanks for all that advice. I appreciate it. I might give KeePass a try.
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|