Password Creator recommendations?

[BlackJacky]

Hey folks,

do you have a recommendation for a good password manager? Which do you use?

Thanks in advance

[Meuh6879]

are you crazy ?
store password on computer tool ? 

[BlackJacky]

Actually I meant a good password creator

[Plento]

I'd recommend KeePass.

[mr angry]

I'd recommend KeePass.

I'd recommend using the portable version of keepass installed on a flash drive. It creates a little database of passwords that you can password protect so you only have to remember one password. You can decide what characters it should include in a password and then choose to generate one using additional randomness from mouse movement input. In practice that means you waggle your cursor round using your mouse, and keepass uses those movements to make your password totally random.

http://keepass.info/download.html

[Blaze.]

It would be best to use 1password.
I think its the safest.

[mkswords]

I really like LastPass. It can manage your passwords and generate new ones. Heard KeePass is good too.

[FrostStick]

 I see in the title you're talking about a password creator but in the OP you're talking about a password manager. If you use Mac I think Keychain is sufficient. Lastpass is a good option for both saving and creating passwords. If you want an independent password generator, try random.org. https://www.random.org/passwords/

[mirana12345]

Entrusting your password creation to third party apps or websites is counter productive when you think about it. Just slam your hands on a keyboard few times,
hold +shift and slam once more, then activate caps and slam again. Your end result should be something like : ćrgijargh"#/%&#"%RLIGKNHELU

There's nothing better than having a password like that one, just make sure you make a new one for each new site/program/app/account.
Store your passwords on a paper and place it somewhere safe,and don't ever store passwords on your computer, especially don't allow browser to "remember" your passwords.

[Blue_Tiger73]

It would be best to use 1password.
I think its the safest.

Having 1 password is the most convenient approach to this, but it is definitely not the safest approach by a long way. If someone hacks into one of your accounts, they will have access to pretty much all your accounts. I recommend that you use KeePass.

[USB-S]

Entrusting your password creation to third party apps or websites is counter productive when you think about it. Just slam your hands on a keyboard few times,
hold +shift and slam once more, then activate caps and slam again. Your end result should be something like : ćrgijargh"#/%&#"%RLIGKNHELU

There's nothing better than having a password like that one, just make sure you make a new one for each new site/program/app/account.
Store your passwords on a paper and place it somewhere safe,and don't ever store passwords on your computer, especially don't allow browser to "remember" your passwords.

But when you think about it. Most people store their passwords on their internet browser which is in my opinion the least secure. Most password managers at least use heavy encryption. But if you have a keylogger on your computer your fucked either way if they find out your master password. Maybe if the manager has 2fa authentication. If anyone wants to target you specifically you're fucked either way.

[FrostStick]

It would be best to use 1password.
I think its the safest.

Having 1 password is the most convenient approach to this, but it is definitely not the safest approach by a long way. If someone hacks into one of your accounts, they will have access to pretty much all your accounts. I recommend that you use KeePass.

Oh, I see you're talking about password managers. I'm 100% sure then that LastPass beats all.

[photon_coin]

Seriously, using any software create a password for you is not a best practice.


Use different e mail and passwords for everything ========== no exceptoin.


Yes it is work but peace of mind is something you can not go back in time and correct or put a price on.

[Kprawn]

Nothing beats your memory... but if that fails, use a piece of paper with a formula only you would understand. Store the formula in a vault and only retrieve it, if you forgot it.

I never use the same password for every site, but I use a combination of this formula to create a unique password for every service. It has worked for me for many years now, and

I never forget the formula. I will never trust ANY online password manager or creator.... Put the trust in your own hands... not in the unknown. 

[franky1]

though nothing beats your memory. but...
use a SHA hasher inline with your memory

that way it adds entropy.
EG 'apple pear banana 69 69'
becomes:
8e644805af6f009e83cb5cbc5d8dbfb77298cd69d3f4acf5bed70457b553e054

so just remembering 5 items, gives you 64 characters that you dont have to remember, far better then the 20 characters of your memorized words

an example is
http://www.xorbin.com/tools/sha256-hash-calculator
but its best you find an offline tool so that your not reliant on a online service that may change its parameters or just goes offline without notice

[n2004al]

Hey folks,

do you have a recommendation for a good password manager? Which do you use?

Thanks in advance

You may found tens of those doing a simple search in google. With all the best and shortage characteristics. Why must ask here when you can have only two-three founded by someone which have not used and tried (so have no knowledge about) the others. I personally have heard good words about RoboForm but have not used it (don't prefer to use password manager) and haven't tried or heard nothing about others. So doesn't mean that can be the best one. Anyhow I am giving you below two links with the bests password managers (according to specialized people or magazines) which match all the needed characteristics such product may have and another link with the basic knowledges about those. In this way you can create yourself a full idea about those and having these knowledges make then the best choice which can fit better your needs.

http://www.pcmag.com/article2/0,2817,2407168,00.asp

http://lifehacker.com/5529133/five-best-password-managers

https://en.wikipedia.org/wiki/Password_manager

[OmegaStarScream]

I'd definitely go with KeePass , and for those who are giving LastPass as suggestions ... should know that the software is online and I wouldn't use an online service to store my password , just like I won't use an online wallet to store my bitcoins (remember that they got hacked last june too) .

[kpitti]

I am using combination of password for some general use.
If I need some more safe I have 1Password, there I generate good password and then change myself and write on paper.

I do not have such problem to use 1Password as I think it`s good tool. You need just use your brain and think what needs to be protected more.

[mirana12345]

Entrusting your password creation to third party apps or websites is counter productive when you think about it. Just slam your hands on a keyboard few times,
hold +shift and slam once more, then activate caps and slam again. Your end result should be something like : ćrgijargh"#/%&#"%RLIGKNHELU

There's nothing better than having a password like that one, just make sure you make a new one for each new site/program/app/account.
Store your passwords on a paper and place it somewhere safe,and don't ever store passwords on your computer, especially don't allow browser to "remember" your passwords.

But when you think about it. Most people store their passwords on their internet browser which is in my opinion the least secure. Most password managers at least use heavy encryption. But if you have a keylogger on your computer your fucked either way if they find out your master password. Maybe if the manager has 2fa authentication. If anyone wants to target you specifically you're fucked either way.

Like i said, never allow browser to save your passwords.
And in regards to keyloggers - if you want to be mad safe;

check outgoing data rate (outband data) before entering your password,and if rate is low (0 or just few kb/s) that means even if you have trojan or keylogger,
the master(mallware owner) is not capturing your screen (at that moment) - which then enables you to be safe by writing password from paper using on screen keyboard. Keyloggers, both standalone and
those within trojans just record key strokes, they can not get OS keyboard data.

[Light]

But when you think about it. Most people store their passwords on their internet browser which is in my opinion the least secure. Most password managers at least use heavy encryption. But if you have a keylogger on your computer your fucked either way if they find out your master password. Maybe if the manager has 2fa authentication. If anyone wants to target you specifically you're fucked either way.

If they have a keylogger on your system that you don't know about - even if you don't store it but just have the password in your memory it'll still be logged when you eventually log in to whatever service you're using. Personally, I'm a fan of 2FA on any website that you know you really want to be secure on (i.e. banking, online hot wallet) and if they don't offer that then find another service which does.