Author Topic: Logistics ? How/where do you store all of your account passwords?  (Read 2380 times)

PNW_FIRE

  • 5 O'Clock Shadow
  • *
  • Posts: 32
I've been reading the "Get Your Shit Together" website, which details how to prepare for if/when life goes sideways (making sure people have wills, advance care directives, etc.).

The website offers a checklist that includes making sure someone in your family or a person you trust knows your personal information (such as accounts, passwords, where important documents are located, how to log in and pay your mortgage, etc.)--things that would keep your family/estate/assets functioning immediately after a tragedy (if you were to pass or be incapacitated).


I'm trying to put together such a list between me, my husband and my mom, but this is bringing up a logistical roadblock for us: where is the best place to store all of our personal account information (names & login info for bank accounts, insurance policies, savings & retirement accounts, etc.).

Any advice on systems that work would be much appreciated. I've thought of collecting everything in a shared google document so that we could access it anywhere, but the thought of having all of our life info. in one place in the cloud scares me, as does having it saved on a hard drive or printed somewhere.

Any recommendations on the best way to store & protect this information so that it can be safe but easily retrievable?

Thanks!

Rob_bob

  • Bristles
  • ***
  • Posts: 404
  • Location: Oregon
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #1 on: December 22, 2019, 05:09:34 PM »
I use Keepass password manager for logging into all my accounts.  I also keep some notes on other things in there too.

I then keep the Keepass login info with my will and other important papers in a safe, gave the safe combo to the person/s who would need to get into it when I'm no longer around.

GuitarStv

  • Senior Mustachian
  • ********
  • Posts: 23129
  • Age: 42
  • Location: Toronto, Ontario, Canada
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #2 on: December 22, 2019, 05:24:08 PM »
Write 'em in capital letters on brightly coloured post-its and stick 'em to my monitor.

freya

  • Bristles
  • ***
  • Posts: 476
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #3 on: December 22, 2019, 06:34:04 PM »
I use Lastpass, but I've been hesitant to let it generate secure passwords because it doesn't work on many websites.  Plus, what happens when you're trying to log on to a website on a public computer?

I've been using a few "core" words (not an actual English language word) and then building around that with special characters, numbers etc, and recording hints in an accessible file on my phone.  Kinda thinking that's not such a great idea anymore though.



frugalnacho

  • Walrus Stache
  • *******
  • Posts: 5055
  • Age: 41
  • Location: Metro Detroit
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #4 on: December 23, 2019, 09:04:47 AM »
I use keepass.   Keep the key file stored in my dropbox (google drive would also work) so I can't ever lose it.  I put all my passwords into it, and any other information that is relevant to the specific accounts (account numbers, PINs, weird security questions, etc). 

ketchup

  • Magnum Stache
  • ******
  • Posts: 4323
  • Age: 33
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #5 on: December 23, 2019, 09:37:42 AM »
I use Lastpass, but I've been hesitant to let it generate secure passwords because it doesn't work on many websites.  Plus, what happens when you're trying to log on to a website on a public computer?

I've been using a few "core" words (not an actual English language word) and then building around that with special characters, numbers etc, and recording hints in an accessible file on my phone.  Kinda thinking that's not such a great idea anymore though.
How often do you actually do this?  I've done it exactly one time in at least five years: logging into an email account to print something on a hotel computer this year.

Stasher

  • Handlebar Stache
  • *****
  • Posts: 1914
  • Age: 50
  • Location: VanIsle
  • Power through Positivity
    • Mindful Explorer
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #6 on: December 23, 2019, 09:59:27 AM »
I asked this question a while back with my network of friends and far above all the rest came back as;
LastPass
I have now used this with great success and it also has an app for your phone to sync up passwords. I LOVE the security check it does also where it reviews all passwords, checks for duplicates, lets you know if a website has ever been hacked or lost data and also tells you password strength or if it is getting old.

AccidentialMustache

  • Pencil Stache
  • ****
  • Posts: 927
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #7 on: December 23, 2019, 10:15:59 AM »
Lastpass should be looked at with at least a grain of suspicion as their parent company is selling out to private equity.

robartsd

  • Magnum Stache
  • ******
  • Posts: 3342
  • Location: Sacramento, CA
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #8 on: December 23, 2019, 12:14:10 PM »
I use Lastpass, but I've been hesitant to let it generate secure passwords because it doesn't work on many websites.
My first attempt at a solution for passwords was to use a hash algorithm to generate a unique password based on the domain and my master password. This worked well until I ran into websites where the encoded hash did not meet password rules for the site. I have thought that it would be nice to be able to configure the encoding of the hash to meet the password rules of the site, but then you'd have to refer to the rules every time - most sites only tell you what the rules are when you're creating a password (and often only if you submit one they don't like).

PNW_FIRE

  • 5 O'Clock Shadow
  • *
  • Posts: 32
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #9 on: December 23, 2019, 10:26:46 PM »
Thank you, all! I'm going to look into LastPass, Keepass and 1Password.

Schaefer Light

  • Handlebar Stache
  • *****
  • Posts: 1328
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #10 on: December 24, 2019, 05:23:52 AM »
I keep all of mine on a USB flash drive that I keep hidden.  I don't want my passwords on a device that's connected to any networks.

ender

  • Walrus Stache
  • *******
  • Posts: 7402
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #11 on: December 24, 2019, 07:11:31 AM »
I use Lastpass, but I've been hesitant to let it generate secure passwords because it doesn't work on many websites.  Plus, what happens when you're trying to log on to a website on a public computer?

I have been a user of 1Password for many years now.

There are two things I do in this situation:

1) Password reset (I don't care about the actual password ever)
2) Check on my phone and copy or add it to the website


ketchup

  • Magnum Stache
  • ******
  • Posts: 4323
  • Age: 33
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #12 on: December 24, 2019, 11:45:12 AM »
I keep all of mine on a USB flash drive that I keep hidden.  I don't want my passwords on a device that's connected to any networks.
I hope you have a backup of that drive.  Flash isn't great for long-term storage.

MsPeacock

  • Handlebar Stache
  • *****
  • Posts: 1571
  • Location: High COL
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #13 on: December 24, 2019, 11:57:39 AM »
I use Lastpass, but I've been hesitant to let it generate secure passwords because it doesn't work on many websites.
My first attempt at a solution for passwords was to use a hash algorithm to generate a unique password based on the domain and my master password. This worked well until I ran into websites where the encoded hash did not meet password rules for the site. I have thought that it would be nice to be able to configure the encoding of the hash to meet the password rules of the site, but then you'd have to refer to the rules every time - most sites only tell you what the rules are when you're creating a password (and often only if you submit one they don't like).

I do the same - have an algorithm that I know that makes it easy to generate a unique password for every website, which is easy for me to remember but generally impossible to guess. I have a few for special accounts (like my bank accounts) that do not follow that algorithm. I also write them down, missing a couple characters (which I can remember), in the back of my dayplanner, in case I forget. I generally don't want to store my passwords electronically.

neo von retorch

  • Magnum Stache
  • ******
  • Posts: 4918
  • Location: SE PA
    • Fi@retorch - personal finance tracking
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #14 on: December 26, 2019, 06:23:16 AM »
I must bring up BitWarden. They seem to be lesser known than the commercial players, but they have open source code with a reasonable business model to support them, and good options like having them host or doing it yourself. My experience with their app and browser extensions has been really good, and improved quickly. If you're shopping for a password manager, add them to the mix.

I sometimes think about how I'd get my wife to to speed on this... especially if I was hit by a bus. At some point I'll probably cave and seal my master pass phrase in an envelope for her.

robartsd

  • Magnum Stache
  • ******
  • Posts: 3342
  • Location: Sacramento, CA
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #15 on: December 26, 2019, 11:43:02 AM »
I must bring up BitWarden. They seem to be lesser known than the commercial players, but they have open source code with a reasonable business model to support them, and good options like having them host or doing it yourself. My experience with their app and browser extensions has been really good, and improved quickly. If you're shopping for a password manager, add them to the mix.

I sometimes think about how I'd get my wife to to speed on this... especially if I was hit by a bus. At some point I'll probably cave and seal my master pass phrase in an envelope for her.
It looks like BitWarden's service allows you to share items with one other person for free in an organization account. Sounds like if you both use BitWarden you can each have your own accounts and collections but share everything with each other, so no need to be able to access each other's BitWarden account. Does not provide a solution for whomever you would have taking care of things should something happen to both of you, but would provide the solution for something happening to either of you. I think I may have to check BitWarden out myself.

kuzinrufus

  • 5 O'Clock Shadow
  • *
  • Posts: 5
Re: Logistics ? How/where do you store all of your account passwords?
« Reply #16 on: December 27, 2019, 11:05:56 AM »
You (everyone) should definitely use password management software. I pay for a LastPass premium account ($12/year). I'm very satisfied with it but there are multiple equivalent options. Install the desktop browser add-on along with the app for your phone. There are lots of useful bells and whistles that come with the software which everyone can make use of, but really there are only two main reasons to use a password manager: 1) a secure place to store passwords, 2) easy retrieval of passwords when you need them. All the other stuff is a bonus. For example. LastPass has a password generation tool that I use all the time. But actually all you need to do is make sure all your passwords are different, make them all just random characters, and make them more than 8 characters. (A good rule of thumb is to make all your passwords at least 12 characters.) So you'd probably be fine if you just banged out 12 random characters on your keyboard every time you needed a password for something. (Just make sure you include some uppercase/lowercase/special characters/etc in there.) And make sure your master password is STRONG. So if you can remember something like C2tm3YSU5%%F3S or iE8^S%7u16Zi#W you're good to go. But I'm guessing you can't remember a string of gobbledygook like that. Next best thing is to make sure it's long. (Do I really need to mention that you should NOT include stuff like your name, or the name of anyone else you know, or the word "password", or a string of numbers like 1234?) Current password theory says that length is key. So you can string a bunch of random words together and be very secure. An example would be resignationparticipatecirculation. It would take even the most powerful computer (currently anyway), like, a zillion years to crack that password. And if you sprinkle in a couple uppercase and special characters in there you have an amazingly secure master password. (BTW, you should NOT actually use resignationparticipatecirculation as your password nor should anyone else! And it's not mine either!)

 

Wow, a phone plan for fifteen bucks!