Author Topic: how to manage passwords  (Read 5960 times)

Case

  • Pencil Stache
  • ****
  • Posts: 835
how to manage passwords
« on: April 11, 2017, 08:10:04 AM »
I have tons of different accounts (financial, email, etc...), credit cards, etc...  And I keep a different password for each.  Currently I write down each on a stickpad and store it in my super-secret-bag.

What's the more enlightened way to do this?  I know there are some password management programs out there.  Which are safe? 
What about external devices (dongle) that you might plug into a usb device?

TheAnonOne

  • Handlebar Stache
  • *****
  • Posts: 1753
Re: how to manage passwords
« Reply #1 on: April 11, 2017, 08:12:20 AM »
Just use the same username and easily predictable password on every service. You'll never forget it and neither will your attackers!

Sent from my SM-G935T using Tapatalk


spokey doke

  • Pencil Stache
  • ****
  • Posts: 514
  • Escaped from the ivory tower basement
Re: how to manage passwords
« Reply #2 on: April 11, 2017, 08:13:11 AM »
I use Dashlane, the password mgt. program...works well so far

Nothlit

  • Bristles
  • ***
  • Posts: 406
Re: how to manage passwords
« Reply #3 on: April 11, 2017, 09:03:29 AM »
I've used LastPass for years and am very satisfied. People are sometimes initially concerned because they don't want to store their passwords in "the cloud" - but LastPass's security architecture is such that your password database ("vault") is only ever decrypted locally on your computer using your master password, which is never sent to their servers, which greatly minimizes the risk of compromise. They also support two-factor authentication and various other security enhancements to reduce the risk of someone malicious gaining access to your account, even if they were able to guess your master password.

lil_miss_frugal

  • 5 O'Clock Shadow
  • *
  • Posts: 67
  • Age: 35
  • Location: Alabama
Re: how to manage passwords
« Reply #4 on: April 11, 2017, 09:38:42 AM »
I use Norton Identity Safe to house all of my login information. It's free and there are both desktop and mobile apps.

WerKater

  • Bristles
  • ***
  • Posts: 351
  • Location: Germany
Re: how to manage passwords
« Reply #5 on: April 11, 2017, 09:49:16 AM »
I use KeePassx and it is perfect for me.

Spicolli

  • 5 O'Clock Shadow
  • *
  • Posts: 59
  • Age: 57
  • Location: WA
Re: how to manage passwords
« Reply #6 on: April 11, 2017, 12:14:06 PM »
I guess I'm just paranoid about the security of anything electronic/cloud based. I write down most of the password but leave some blanks that I would know but others would not and keep it in my wallet.

Rocket

  • 5 O'Clock Shadow
  • *
  • Posts: 99
  • Location: Los Angeles
Re: how to manage passwords
« Reply #7 on: April 11, 2017, 12:22:57 PM »
I use lastpass pro on all my devices, iphone, Mac OSX desktop and chromebook.  Its been a couple of years and its worked well. 

katsiki

  • Handlebar Stache
  • *****
  • Posts: 2015
  • Age: 43
  • Location: La.
Re: how to manage passwords
« Reply #8 on: April 11, 2017, 01:45:37 PM »
KeePass 2

I played around with LastPass a bit but did not like how intrusive it was in my browser.

gatorNic

  • 5 O'Clock Shadow
  • *
  • Posts: 48
  • Age: 44
  • Location: San Francisco Bay Area
Re: how to manage passwords
« Reply #9 on: April 11, 2017, 02:14:28 PM »
Not always, but I have mostly just gone to the strong password followed by the name of the site or service.

PasswordWithSomeCapsAndSome####_nameOfSite

so...

SomeWords9999_vanguard
SomeWords9999_kaisar

Gives you a strong password but easier to remember.   Only issue would be if you want to rotate to a new password you should probably change them all.  The most important of sites usually has a dual authentication like sending to my phone. 

Aggie1999

  • Bristles
  • ***
  • Posts: 385
Re: how to manage passwords
« Reply #10 on: April 11, 2017, 02:42:53 PM »
I have been using KeePass2Android Offline version. Seems to work well.

meghan88

  • Pencil Stache
  • ****
  • Posts: 834
  • Location: Montreal
Re: how to manage passwords
« Reply #11 on: April 11, 2017, 05:35:14 PM »
I opened a gmail account that I neither send things from, nor receive things to.  I have some cryptic notes about all my accounts and passwords stored as a draft.  Even if that email account gets hacked, they won't know who I am, or what the real passwords are.

meghan88

  • Pencil Stache
  • ****
  • Posts: 834
  • Location: Montreal
Re: how to manage passwords
« Reply #12 on: April 12, 2017, 08:44:48 AM »
I opened a gmail account that I neither send things from, nor receive things to.  I have some cryptic notes about all my accounts and passwords stored as a draft.  Even if that email account gets hacked, they won't know who I am, or what the real passwords are.
What a great idea.

I use lastpass to store most of my passwords (utilities & internet, forums like MMM, pocket, spotify, less important email accounts etc). I've memorised the passwords for my financial accounts and my main gmail account but that's fewer than ten admittedly long-ish passwords. I also keep cryptic notes for those on a piece of paper but I might steal the idea for a single-purpose gmail account to store those notes.

Glad you like it.  Just remember to log into that gmail account and update the draft whenever you change a password.

k-del

  • 5 O'Clock Shadow
  • *
  • Posts: 4
Re: how to manage passwords
« Reply #13 on: April 17, 2017, 08:50:33 PM »
I have used Last Pass for years and it works well for me.

Paul der Krake

  • Walrus Stache
  • *******
  • Posts: 5854
  • Age: 16
  • Location: UTC-10:00
Re: how to manage passwords
« Reply #14 on: April 17, 2017, 08:55:48 PM »
I use my SSN everywhere.

tbMMM

  • 5 O'Clock Shadow
  • *
  • Posts: 1
Re: how to manage passwords
« Reply #15 on: April 17, 2017, 09:13:35 PM »
Another vote for KeePass encrypted file on windows synced via dropbox to android KeePass Droid and other pcs.  You only need to remember one pw and can make the others long via the included and flexible pw generator.

Sent from my SM-P607T using Tapatalk


TheStachery

  • Guest
Re: how to manage passwords
« Reply #16 on: April 17, 2017, 09:45:48 PM »
I like 1Password.  They have a "watchtower" that will inform you if sites have potentially been hacked and to Change your password. 

I also like the idea of having a standard password and apending the website name to the end of it. Keeps it unique but not complicated. 

Also important, wherever possible turn on TWO-FACTOR AUTHENTICATION 


Sent from my iPhone using Tapatalk

WaterproofBanjo

  • 5 O'Clock Shadow
  • *
  • Posts: 14
  • Location: Seattle, WA, USA
Re: how to manage passwords
« Reply #17 on: April 17, 2017, 11:34:06 PM »
I use my SSN everywhere.
That's a great idea, I think I'll start doing that too!  What's your SSN? 

JLee

  • Walrus Stache
  • *******
  • Posts: 7512
Re: how to manage passwords
« Reply #18 on: April 18, 2017, 01:43:47 AM »
I use LastPass.

Whatever password manager you use, keep an eye out for security news.  An exploit was recently found in the LastPass browser extension - it's since been fixed, but I disabled it until a fix was out.

albireo13

  • Pencil Stache
  • ****
  • Posts: 517
  • Location: New England
Re: how to manage passwords
« Reply #19 on: April 18, 2017, 09:43:08 AM »
I use eWallet app for managing logins and passwords.

golden1

  • Handlebar Stache
  • *****
  • Posts: 1541
  • Location: MA
Re: how to manage passwords
« Reply #20 on: April 18, 2017, 09:53:27 AM »
I use 1Password to keep track of them all.  I also have a system so that if I forget to write down the password in the appm (it happens), I can usually guess it in 4-5 tries or less.  My system is falling apart as many vendors and accounts now require added complexity like the addition of a symbol. 

RWD

  • Walrus Stache
  • *******
  • Posts: 6529
  • Location: Arizona
Re: how to manage passwords
« Reply #21 on: April 18, 2017, 10:02:57 AM »
I use a spreadsheet that I keep on a USB drive. I'm at 209 entries...

meghan88

  • Pencil Stache
  • ****
  • Posts: 834
  • Location: Montreal
Re: how to manage passwords
« Reply #22 on: April 18, 2017, 02:32:40 PM »
I use a spreadsheet that I keep on a USB drive. I'm at 209 entries...
Yikes.  And if that gets lost, or broken ...?

RWD

  • Walrus Stache
  • *******
  • Posts: 6529
  • Location: Arizona
Re: how to manage passwords
« Reply #23 on: April 18, 2017, 02:46:43 PM »
I use a spreadsheet that I keep on a USB drive. I'm at 209 entries...
Yikes.  And if that gets lost, or broken ...?
I should probably back it up somewhere...

Christof

  • Pencil Stache
  • ****
  • Posts: 717
  • Age: 47
  • Location: Germany
Re: how to manage passwords
« Reply #24 on: April 18, 2017, 03:15:37 PM »
1Password for all accounts where it might be merely annoying or causing limited damage if they were stolen. Those that could cause serious damage like my bank accounts are written on paper in a bank safe in case something happens to me and my family needs access, and additionally require a chip card. Those inbetween are on a paper in my home...

Storing passwords is just one part. You also have to evaluate risks and manage infrequently used accounts with vital information, eg. anything with your SSN or credit card number. For instance, I'm accessing all my brokerage accounts not only to monitor my net worth, but also to detect unusal activity timely. Where possible I enabled activity notifications.

JLee

  • Walrus Stache
  • *******
  • Posts: 7512
Re: how to manage passwords
« Reply #25 on: April 18, 2017, 09:47:20 PM »
I use a spreadsheet that I keep on a USB drive. I'm at 209 entries...
Yikes.  And if that gets lost, or broken ...?
I should probably back it up somewhere...

Yuuup, especially considering that USB drives are not known for incredible reliability.

MrSal

  • Pencil Stache
  • ****
  • Posts: 889
Re: how to manage passwords
« Reply #26 on: April 18, 2017, 11:43:43 PM »
Im amazed how most people don't even use hard to guess passwords... using same password in several services is a no no...

Using your SSN makes it really easy to brute force.

I use KeePass, I have like 200+ passwords and NONE of them are equal.

My passwords are randomly generated by the app in the following format - example:

3dbe2p]tU~-6A;$YQ]2=

The app saves it automatically.

I used to be against pass managers and had the same passphrase but somewhat encrypted like a name or specific phase where I would switch letters with numbers that would resemble it or sometimes alternating the shift key with the numbers.

Example:

Passphrase: MisterMoneyMustache

The password would be: M1573rM)n#yMu%&$%h#

M1573r = Mister

M)n#y = Money (but instead of using the o as a 0 or the e as 3 I hit those keys but along with the shift key pressed)

Mu%&$%h# = Mustache (same as above)


While this served me right for many years, I didn't like having the same password on almost all services, where if one service would get compromised I would get all others compromised... so I started using a pass manager software.