BlackJacky (OP)
|
|
November 14, 2015, 01:00:30 AM Last edit: November 14, 2015, 01:18:51 AM by BlackJacky |
|
Hey folks,
do you have a recommendation for a good password manager? Which do you use?
Thanks in advance
|
|
|
|
Meuh6879
Legendary
Offline
Activity: 1512
Merit: 1012
|
|
November 14, 2015, 01:09:40 AM |
|
are you crazy ? store password on computer tool ?
|
|
|
|
BlackJacky (OP)
|
|
November 14, 2015, 01:10:47 AM |
|
Actually I meant a good password creator
|
|
|
|
Plento
Jr. Member
Offline
Activity: 129
Merit: 1
|
|
November 14, 2015, 01:10:55 AM |
|
I'd recommend KeePass.
|
|
|
|
mr angry
|
|
November 14, 2015, 01:30:10 AM |
|
I'd recommend KeePass.
I'd recommend using the portable version of keepass installed on a flash drive. It creates a little database of passwords that you can password protect so you only have to remember one password. You can decide what characters it should include in a password and then choose to generate one using additional randomness from mouse movement input. In practice that means you waggle your cursor round using your mouse, and keepass uses those movements to make your password totally random. http://keepass.info/download.html
|
|
|
|
Blaze.
Newbie
Offline
Activity: 16
Merit: 0
|
|
November 14, 2015, 01:33:02 AM |
|
It would be best to use 1password. I think its the safest.
|
|
|
|
mkswords
Newbie
Offline
Activity: 2
Merit: 0
|
|
November 14, 2015, 01:33:36 AM |
|
I really like LastPass. It can manage your passwords and generate new ones. Heard KeePass is good too.
|
|
|
|
FrostStick
|
|
November 14, 2015, 02:18:49 AM |
|
I see in the title you're talking about a password creator but in the OP you're talking about a password manager. If you use Mac I think Keychain is sufficient. Lastpass is a good option for both saving and creating passwords. If you want an independent password generator, try random.org. https://www.random.org/passwords/
|
|
|
|
mirana12345
|
|
November 14, 2015, 02:38:42 AM |
|
Entrusting your password creation to third party apps or websites is counter productive when you think about it. Just slam your hands on a keyboard few times, hold +shift and slam once more, then activate caps and slam again. Your end result should be something like : ćrgijargh"#/%&#"%RLIGKNHELU
There's nothing better than having a password like that one, just make sure you make a new one for each new site/program/app/account. Store your passwords on a paper and place it somewhere safe,and don't ever store passwords on your computer, especially don't allow browser to "remember" your passwords.
|
|
|
|
Blue_Tiger73
Member
Offline
Activity: 112
Merit: 10
|
|
November 14, 2015, 02:50:35 AM |
|
It would be best to use 1password. I think its the safest.
Having 1 password is the most convenient approach to this, but it is definitely not the safest approach by a long way. If someone hacks into one of your accounts, they will have access to pretty much all your accounts. I recommend that you use KeePass.
|
|
|
|
USB-S
Sr. Member
Offline
Activity: 574
Merit: 250
In XEM we trust
|
|
November 14, 2015, 02:54:19 AM |
|
Entrusting your password creation to third party apps or websites is counter productive when you think about it. Just slam your hands on a keyboard few times, hold +shift and slam once more, then activate caps and slam again. Your end result should be something like : ćrgijargh"#/%&#"%RLIGKNHELU
There's nothing better than having a password like that one, just make sure you make a new one for each new site/program/app/account. Store your passwords on a paper and place it somewhere safe,and don't ever store passwords on your computer, especially don't allow browser to "remember" your passwords.
But when you think about it. Most people store their passwords on their internet browser which is in my opinion the least secure. Most password managers at least use heavy encryption. But if you have a keylogger on your computer your fucked either way if they find out your master password. Maybe if the manager has 2fa authentication. If anyone wants to target you specifically you're fucked either way.
|
|
|
|
FrostStick
|
|
November 14, 2015, 03:06:12 AM |
|
It would be best to use 1password. I think its the safest.
Having 1 password is the most convenient approach to this, but it is definitely not the safest approach by a long way. If someone hacks into one of your accounts, they will have access to pretty much all your accounts. I recommend that you use KeePass. Oh, I see you're talking about password managers. I'm 100% sure then that LastPass beats all.
|
|
|
|
photon_coin
|
|
November 14, 2015, 05:20:57 AM |
|
Seriously, using any software create a password for you is not a best practice.
Use different e mail and passwords for everything ========== no exceptoin.
Yes it is work but peace of mind is something you can not go back in time and correct or put a price on.
|
|
|
|
Kprawn
Legendary
Offline
Activity: 1904
Merit: 1074
|
|
November 14, 2015, 07:29:42 AM |
|
Nothing beats your memory... but if that fails, use a piece of paper with a formula only you would understand. Store the formula in a vault and only retrieve it, if you forgot it. I never use the same password for every site, but I use a combination of this formula to create a unique password for every service. It has worked for me for many years now, and I never forget the formula. I will never trust ANY online password manager or creator.... Put the trust in your own hands... not in the unknown.
|
|
|
|
franky1
Legendary
Offline
Activity: 4368
Merit: 4744
|
|
November 14, 2015, 07:52:29 AM |
|
though nothing beats your memory. but... use a SHA hasher inline with your memory that way it adds entropy. EG 'apple pear banana 69 69' becomes: 8e644805af6f009e83cb5cbc5d8dbfb77298cd69d3f4acf5bed70457b553e054 so just remembering 5 items, gives you 64 characters that you dont have to remember, far better then the 20 characters of your memorized words an example is http://www.xorbin.com/tools/sha256-hash-calculatorbut its best you find an offline tool so that your not reliant on a online service that may change its parameters or just goes offline without notice
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
n2004al
Legendary
Offline
Activity: 1134
Merit: 1000
|
|
November 14, 2015, 07:56:08 AM |
|
Hey folks,
do you have a recommendation for a good password manager? Which do you use?
Thanks in advance
You may found tens of those doing a simple search in google. With all the best and shortage characteristics. Why must ask here when you can have only two-three founded by someone which have not used and tried (so have no knowledge about) the others. I personally have heard good words about RoboForm but have not used it (don't prefer to use password manager) and haven't tried or heard nothing about others. So doesn't mean that can be the best one. Anyhow I am giving you below two links with the bests password managers (according to specialized people or magazines) which match all the needed characteristics such product may have and another link with the basic knowledges about those. In this way you can create yourself a full idea about those and having these knowledges make then the best choice which can fit better your needs. http://www.pcmag.com/article2/0,2817,2407168,00.asphttp://lifehacker.com/5529133/five-best-password-managershttps://en.wikipedia.org/wiki/Password_manager
|
|
|
|
OmegaStarScream
Staff
Legendary
Offline
Activity: 3626
Merit: 6359
|
|
November 14, 2015, 08:32:49 AM |
|
I'd definitely go with KeePass , and for those who are giving LastPass as suggestions ... should know that the software is online and I wouldn't use an online service to store my password , just like I won't use an online wallet to store my bitcoins (remember that they got hacked last june too) .
|
|
|
|
kpitti
Legendary
Offline
Activity: 924
Merit: 1002
|
|
November 14, 2015, 09:04:06 AM |
|
I am using combination of password for some general use. If I need some more safe I have 1Password, there I generate good password and then change myself and write on paper.
I do not have such problem to use 1Password as I think it`s good tool. You need just use your brain and think what needs to be protected more.
|
|
|
|
mirana12345
|
|
November 14, 2015, 09:13:17 AM |
|
Entrusting your password creation to third party apps or websites is counter productive when you think about it. Just slam your hands on a keyboard few times, hold +shift and slam once more, then activate caps and slam again. Your end result should be something like : ćrgijargh"#/%&#"%RLIGKNHELU
There's nothing better than having a password like that one, just make sure you make a new one for each new site/program/app/account. Store your passwords on a paper and place it somewhere safe,and don't ever store passwords on your computer, especially don't allow browser to "remember" your passwords.
But when you think about it. Most people store their passwords on their internet browser which is in my opinion the least secure. Most password managers at least use heavy encryption. But if you have a keylogger on your computer your fucked either way if they find out your master password. Maybe if the manager has 2fa authentication. If anyone wants to target you specifically you're fucked either way. Like i said, never allow browser to save your passwords. And in regards to keyloggers - if you want to be mad safe; check outgoing data rate (outband data) before entering your password,and if rate is low (0 or just few kb/s) that means even if you have trojan or keylogger, the master(mallware owner) is not capturing your screen (at that moment) - which then enables you to be safe by writing password from paper using on screen keyboard. Keyloggers, both standalone and those within trojans just record key strokes, they can not get OS keyboard data.
|
|
|
|
Light
|
|
November 14, 2015, 09:18:24 AM |
|
But when you think about it. Most people store their passwords on their internet browser which is in my opinion the least secure. Most password managers at least use heavy encryption. But if you have a keylogger on your computer your fucked either way if they find out your master password. Maybe if the manager has 2fa authentication. If anyone wants to target you specifically you're fucked either way.
If they have a keylogger on your system that you don't know about - even if you don't store it but just have the password in your memory it'll still be logged when you eventually log in to whatever service you're using. Personally, I'm a fan of 2FA on any website that you know you really want to be secure on (i.e. banking, online hot wallet) and if they don't offer that then find another service which does.
|
|
|
|
|