Go | New | Find | Notify | Tools | Reply | |
| Peace through superior firepower  |
A bitlocked external drive with a 30+ character password that is changed every six weeks, and that password is not stored anywhere but my cranium. Use a phrase as a password and use a password convention consistent across password changes and you won't go wrong. An example (with my convention removed) Now is the winter of our discontent made glorious summer by this son of York | |||
|
McNoob |
KeePass here, stored offline. "We've done four already, but now we're steady..." | |||
|
| A teetotaling beer aficionado  |
Dashlane offers a free limited feature version. It does most of what the paid program offers except syncing to multiple devices and a max of 50 pass words. You also get a VPN with the paid program. Men fight for liberty and win it with hard knocks. Their children, brought up easy, let it slip away again, poor fools. And their grandchildren are once more slaves. -D.H. Lawrence | |||
|
W07VH5 |
Oh, I forgot that my password vault is also protected with a Yubikey. | |||
|
| His diet consists of black coffee, and sarcasm.  |
 Well, that and Post-It notes.  Nobody but myself has access to my computer, unless someone were to break in. After I use a password long/often enough, I can remember them without external aid. To make them easier to remember, I have most of them spell out words or phrases. When capital letters, numbers or special characters are required, I work them in, e.g., numeral 1 for an I. | |||
|
Alea iacta est |
That sir, is a fact. I use LastPass. Or should I say I am transitioning away from LastPass. They were hacked and they weren’t transparent about what was taken. Our password lockers were taken, and they still aren’t clear if the encryption key was taken too. My locker is protected by TFA using a Ubikey. Well, when you steal the locker from the backend TFA doesn’t matter, they’re already in the locker. So all passwords had to be changed as well as the master password for the account, etc. Now I will be transitioning to a different locker. Lots of research to do. The “lol” thread | |||
|
thin skin can't win |
LastPass for many years no, good results. I also took that opportunity to change all passwords to a strong password, each unique from all others. Being able to share with spouse is good. Also can designate a third party with conditional access. In our case a daughter. She can attempt to login, we get a notification to decline that, and if not within a period we set, like a week, she gets access. You know, like we’re dead. You only have integrity once. - imprezaguy02 | |||
|
אַרְיֵה |
1Password does a great job. Unfortunately, the publisher has changed to a software rental (subscription) model. I bought it years ago, when there was a one-time charge, so I am grandfathered, and do not have to pay again unless I choose to get the current version. No real reason to do that, the version that I paid for, years ago, still works just fine. הרחפת שלי מלאה בצלופחים | |||
|
| Member |
no | |||
|
Semper Fi - 1775 |
Follow up question… What is the primary purpose? Is it pretty much just a digital version of the book I keep in my safe? Does it sync with other apps? For example, when I am logging onto a website that wants my password, will 1Password be where it takes its password from, or will the website still be using the Apple Keychain password manager? ___________________________ All it takes...is all you got. ____________________________ For those who have fought for it, Freedom has a flavor the protected will never know ΜΟΛΩΝ ΛΑΒΕ | |||
|
| A teetotaling beer aficionado |
No experience with 1Pass but use Dashlane which I assume is pretty similar. If you're trying to get into a website you've established an account with and has been saved to your password manager, a small icon will appear in the long in fields. Just click on that and it triggers the password manager to out fill your saved long in info and pass word. If it's a new website you want to establish and account with, fill in the info they ask for, and when complete, your password manager should ask you if you want it to generate a password (recommended) which you can adjust to the requirements of the web site. Like how long, uppers and lowers, symbols etc. Then it will ask you if you want to save the long in. Yes is the best response as it saves all the log in data which of course you can delete at anytime. Hope that helps Men fight for liberty and win it with hard knocks. Their children, brought up easy, let it slip away again, poor fools. And their grandchildren are once more slaves. -D.H. Lawrence | |||
|
| W07VH5 |
I’ve come to the conclusion that using a password manager is better than reusing usernames and passwords at multiple sites/apps. It’s better than writing down or keeping a spreadsheet. It also makes general password maintenance (changing passwords) easier so you’ll actually do it. It’s better than using shorter passwords you’ll remember. I, admittedly, am taking the easy way out and using a cloud service but I will eventually switch to a self hosted version that won’t be accessible via any breach. Hopefully, before it’s necessary. However, the pros outweigh the cons and even Bitwarden can’t use your data against you. By the time a breach is announced, even if they wait, I’ll have plenty of time to change all my hundreds of passwords. | |||
|
Seeker of Clarity |
I used LastPass since 2006. It's astonishing how many accounts you create in that time. In my case over 600. Mostly retail. With LastPass's recent issues, I'm migrated to 1Password, changing passwords as I went. That's not a trivial task. 1Password also encrypts the meta data (like the username and the URL of the site that the account is for, not just the password). I considered all the options just a few months ago and did my homework. Also my friend, a sys admin, did the same. Bitwarden and 1Password were the top two we'd arrived on. I went with 1Password. Toss of a coin. In a perfect world, there would be a required feature of every website to have a button for deleting the account and all personal information. I would easily trim from 600+ to less than 100. But rather than leaving dormant accounts that might be used to gather info or do something nefarious, I am faithfully working through the last of the password changes for accounts I'll never use again. Ugh  | |||
|
Baroque Bloke |
Was price a factor? My PW manager is mSecure (premium). $14.99 per year. Several device syncing options: Wi-Fi, Dropbox, or mSecure’s own server (no cost for that). Also, how did mSecure (premium) come out in your PW manager homework endeavour? Serious about crackers | |||
|
His Royal Hiney |
After being unsure of password managers, I've came to accept using one is better than the system I was using. After several months of research similar to the research I did for Medicare, I settled on 1Password. You make up one password to remember (the longer, the better) coupled with a "Secret Key," the combination of which is your encryption key. One license is for all the members of your household and each one has a personal vault. Members of a household can also share a vault such as the password to the wi-fi. When you're traveling to foreign countries or anywhere where you might be forced to open the contents of your phone, you can put a "travel" mode with hides vaults you deem as critical. Having another member in the household allows having the ability to recover your vaults should you forget your master password. Right now, I have 401 active items stored in my account accessible via my phone, laptop, or browser. The items includes logins, credit cards, passwords, bank accounts, etc. If you're really worried about someone getting your passwords, here's what I do which is only for accounts where my money can be taken out such as banks and brokerages: when I set up a password for a bank, I use the password that 1password suggests, have 1password record it, then I add a short string of letters or numbers that I can easily remember. That way, the password stored in 1password is not sufficient or complete. "It did not really matter what we expected from life, but rather what life expected from us. We needed to stop asking about the meaning of life, and instead to think of ourselves as those who were being questioned by life – daily and hourly. Our answer must consist not in talk and meditation, but in right action and in right conduct. Life ultimately means taking the responsibility to find the right answer to its problems and to fulfill the tasks which it constantly sets for each individual." Viktor Frankl, Man's Search for Meaning, 1946. | |||
|
| His Royal Hiney |
I came from personal encoded notes to 1 Password but I understand most password managers allow exporting of passwords and importing into 1Password. "It did not really matter what we expected from life, but rather what life expected from us. We needed to stop asking about the meaning of life, and instead to think of ourselves as those who were being questioned by life – daily and hourly. Our answer must consist not in talk and meditation, but in right action and in right conduct. Life ultimately means taking the responsibility to find the right answer to its problems and to fulfill the tasks which it constantly sets for each individual." Viktor Frankl, Man's Search for Meaning, 1946. | |||
|
| His Royal Hiney |
My 1Password cost $59.85 annually for the last 2 years. It syncs across devices through their own cloud. We're not talking differences of thousands of dollars or even hundreds. "It did not really matter what we expected from life, but rather what life expected from us. We needed to stop asking about the meaning of life, and instead to think of ourselves as those who were being questioned by life – daily and hourly. Our answer must consist not in talk and meditation, but in right action and in right conduct. Life ultimately means taking the responsibility to find the right answer to its problems and to fulfill the tasks which it constantly sets for each individual." Viktor Frankl, Man's Search for Meaning, 1946. | |||
|
Firearms Enthusiast |
I have never stored mine online, I'm old school and unorganized I guess.  | |||
|
| Member |
No password manager for me. These companies have been known to get hacked. Google Chrome just saves the sites' passwords for me, and auto-fills them for me. If Google gets hacked, that'd suck. But IMHO Google's been probably the one of top companies at the forefront of zero-day exploits. Their zero-day teams had notified many other companies, even Apple, of their discoveries of zero-day exploits. I think Google's experience of China state phishing attacks of Gmail back in 2006 or so had taught them alot, plus their reach across the internet requires them to be at the forefront in security, much more so than these much smaller password outfits. | |||
|
| A teetotaling beer aficionado |
I always us the password manager's suggested password (I'm using Dashlane) and use the longest allowable for the site with the most character types allowable. Since Dashlane (and 1Password) will fill in these passwords I don't worry about remembering them or fret about typing this long string of nonsensical characters. I change my master password monthly and it is something I can remember but follow the security suggestions on character placement. It's 16 characters long. Dashlane, and I suspect most password managers allow you to download your password list. I do this from time to time, store it on a thumb drive with encryption and it goes in my safe. I suppose there are better places to store this drive, but it seems relatively secure to me and I like having a hard (soft) copy of my passwords. Men fight for liberty and win it with hard knocks. Their children, brought up easy, let it slip away again, poor fools. And their grandchildren are once more slaves. -D.H. Lawrence | |||
|
| Powered by Social Strata | Page 1 2 3 |
 | Please Wait. Your request is being processed... |
|
© SIGforum 2024