I've finally gotten around to taking the plunge and using a password manager program rather than keeping track of everything in a little password book.
Anyone have any suggestions on what's a good password manager? I'm looking for one that includes cloud-based functionality, though I don't mind if it's not exclusively cloud-based. Just don't want to lose everything if my hard drive dies on me.
I've finally gotten around to taking the plunge and using a password manager program rather than keeping track of everything in a little password book.
Anyone have any suggestions on what's a good password manager? I'm looking for one that includes cloud-based functionality, though I don't mind if it's not exclusively cloud-based. Just don't want to lose everything if my hard drive dies on me.
Passwordkeeper on my BB works great. I have a cheaper one on my Samsung phone. I don't use one on my desktop.
Fuck I'm not sure if they are included in any back up but you can export your passwords as a text file and then back it up on your computer or anywhere else, if not print it and keep it in a safe place. But you make a good point about keeping a back up.
I'm uneasy about cloud storage of anything crucial.
I remember seeing a comic on Letterman years ago, and he said he doesn't keep track of his passwords. Whenever he goes to a website that he's already part of, he just clicks the 'Forgot password' button and a new password is sent to his email. Then he uses the new password. I've done that a couple of times, so you only need to remember your email password. It's actually better than a password manager, because the password is always changing and it's not stored anywhere it could be hacked.
Have many hundreds of pw. used RoboForm for years than switched to LP maybe 5 years ago.. the form fill is also very helpful to post various credit card info when buying and have different cards for business vs personal etc. I also love my 1520 Windows phone that it works fairly well with, although I rarely use phone since office in home etc. When in Canada use as hotspot to use larger laptop which also has LP.
I remember seeing a comic on Letterman years ago, and he said he doesn't keep track of his passwords. Whenever he goes to a website that he's already part of, he just clicks the 'Forgot password' button and a new password is sent to his email. Then he uses the new password. I've done that a couple of times, so you only need to remember your email password. It's actually better than a password manager, because the password is always changing and it's not stored anywhere it could be hacked.
But what's the risk of someone hacking lastpass and getting access to ALL your accounts? Is it hackable?
Right now I keep my passwords on an encrypted notes app on my phone only, not linked to the cloud, and for some accounts without full information. So to get into it someone has to get my phone, access it via the access code, then access the app with a code. Then there is a list of accounts with mixed information. Some are account numbers and passwords, others are stuff like "Rogers: yahoo, Dave's cottage". So, I know that for Rogers I used my yahoo email and the name of the lake Dave's cottage is on. That part is unhackable, as it's meaningless to anyone but me. But the ones that have full account number and actual password are vulnerable if hacked. But I need to list the full account number and password or I'll forget. Is last pass any safer than that - stored on my phone on an encrypted note?
I keep hard copy in my safe deposit box at the bank in case my phone dies, lol.
But what's the risk of someone hacking lastpass and getting access to ALL your accounts? Is it hackable?
Right now I keep my passwords on an encrypted notes app on my phone only, not linked to the cloud, and for some accounts without full information. So to get into it someone has to get my phone, access it via the access code, then access the app with a code. Then there is a list of accounts with mixed information. Some are account numbers and passwords, others are stuff like "Rogers: yahoo, Dave's cottage". So, I know that for Rogers I used my yahoo email and the name of the lake Dave's cottage is on. That part is unhackable, as it's meaningless to anyone but me. But the ones that have full account number and actual password are vulnerable if hacked. But I need to list the full account number and password or I'll forget. Is last pass any safer than that - stored on my phone on an encrypted note?
I keep hard copy in my safe deposit box at the bank in case my phone dies, lol.
1) accidentally turn on Google backup; they then get a copy of your encrypted note. Low-ish risk (unless this is the kind of encrypted note that can be recovered even if you forget your password)
2) for seldom used passwords, you might forget the meaning of your note. Otherwise you might have to make the note too obvious and an attacker could guess the meaning
For a password manager, you have to remember one very difficult password (minimum randomized 12 chars, 16 probably better, and mixes alphabet case and numbers). Even if an attacker gains access to your password database it should be difficult to decrypt. If you forget that one password you are screwed. And when choosing that master password don't think any system you devise is better than having a computer perform the randomization for you. If you can come up with a system, so can an attacker.
