alastantiger (OP)
|
|
January 16, 2023, 07:11:59 PM |
|
Similar to not keeping your currencies in centralized exchanges, stay away from centralized password managers. One of the centralized password managers was hacked in August 2022, although they claimed that no customer data was accessed during the incident, you should never trust in them. You cannot rely on the company to keep your seed/recovery phrase secure or prevent unauthorized access to the password vault on the company's end. You can trust them with your email passwords and other personal information, but not with your seed/recovery phrase, which will cause your bitcoin stolen from that address right away if it is compromised. Additionally, I would advise against saying your seed phrase aloud if you use voice-activated devices like Alexa, Siri, or Cortana. I don't want to sound paranoid in saying this. It's impossible to completely rule out the chance that these gadgets are listening in on our chat and that, in the event of a hack, your seed phrase will be stolen. What to know how to secure your seed/recovery phrase? I found this post Securing Your Seed Phrase with Washers by fillippone very helpful. That's all for now. Thank you for reading. What do you think about saving your seed/recovery phrase in a centralized password manager? Refs: https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/https://www.youtube.com/watch?v=9DuvCh6Ql38https://www.washingtonpost.com/technology/2019/05/06/alexa-has-been-eavesdropping-you-this-whole-time/
|
|
|
|
Z-tight
Legendary
Offline
Activity: 1036
Merit: 1102
|
|
January 16, 2023, 07:24:39 PM |
|
What do you think about saving your seed/recovery phrase in a centralized password manager?
You should only store your seed phrase on a paper or engrave it into a steel, saving it online or in any centralized password manager is unsafe and too dangerous, i don't even know why someone would want to store their seed phrase with a centralized service when they can have custody of it themselves and keep it safe by doing what's right. Additionally, I would advise against saying your seed phrase aloud if you use voice-activated devices like Alexa, Siri, or Cortana.
Or your neighbors could be listening, honestly i don't see why anybody should be reading or saying their seed phrase out loud, what is the purpose? To try and memorize it? That itself is a terrible idea and could cause one to lose their coins. Just simply write the seed phrase on a piece of paper and protect it how best you can.
|
|
|
|
freedomgo
Legendary
Offline
Activity: 3276
Merit: 1178
Playbet.io - Crypto Casino and Sportsbook
|
|
January 16, 2023, 08:09:17 PM |
|
What do you think about saving your seed/recovery phrase in a centralized password manager?
You should only store your seed phrase on a paper or engrave it into a steel, saving it online or in any centralized password manager is unsafe and too dangerous, i don't even know why someone would want to store their seed phrase with a centralized service when they can have custody of it themselves and keep it safe by doing what's right. Additionally, I would advise against saying your seed phrase aloud if you use voice-activated devices like Alexa, Siri, or Cortana.
Or your neighbors could be listening, honestly i don't see why anybody should be reading or saying their seed phrase out loud, what is the purpose? To try and memorize it? That itself is a terrible idea and could cause one to lose their coins. Just simply write the seed phrase on a piece of paper and protect it how best you can. Seed phrase should be kept offline and never to be exposed online like when you trust a centralized password manager, because you are giving them permission to steal your funds indirectly. Yes, you could have engrave it or write it and keep it inside your vault, but should never rely such centralized exchanges for its safety. And these voice-activated devices will never be helpful at all as it would not be a secret anymore if you are making your voice loudly that any people around might hear it and save it for themselves too.
|
|
|
|
drwhobox
Full Member
Offline
Activity: 756
Merit: 133
- hello doctor who box
|
|
January 16, 2023, 08:21:36 PM |
|
First of all, I don't see any point in anyone to put their password or seed phrase on a centralized or any decentralized password manager. If anyone struggling to remember their password, they can write it down in several places offline. Seed phrases are hard to memorize but everyone is writing them down offline and keeping them safe outside any digital devices. Additionally, I would advise against saying your seed phrase aloud if you use voice-activated devices like Alexa, Siri, or Cortana. I don't want to sound paranoid in saying this. It's impossible to completely rule out the chance that these gadgets are listening in on our chat and that, in the event of a hack, your seed phrase will be stolen.
No, OP you are right. not only these devices, your mobile or laptop's microphone spies on you. Companies put that to work just to collect data, but hackers can collect them and catch you off guard with your important information. I have seen many ads popping up related to conversations I had with others while I was near my phone or laptop.
|
|
|
|
Cantsay
|
|
January 16, 2023, 09:58:36 PM |
|
If you truly want to keep your secret phrase safe you should write them on a piece of paper and preferably laminate them to make them water proof and if you feel that just writing on a paper and laminating it isn't secure enough you can also use a sharp objects to write on a piece of metal sheet and then keep them where no one will be able to access or a place where nobody will ever think of going to search for anything. Additionally, I would advise against saying your seed phrase aloud if you use voice-activated devices like Alexa, Siri, or Cortana. I don't want to sound paranoid in saying this. It's impossible to completely rule out the chance that these gadgets are listening in on our chat and that, in the event of a hack, your seed phrase will be stolen.
Laughable but true, you can never be certain of how hacker get access to some of your sensitive information and taking precautions like this can help minimize some potential harm to your system. Hackers might be able to gain access to your system's camera, mouthpiece and other accessories that can help transmit audio or video data in such case they can easily get some of your information if you're the type that read out loud your password when inputting them in your system.
|
| | | | | | | ███▄▀██▄▄ ░░▄████▄▀████ ▄▄▄ ░░████▄▄▄▄░░█▀▀ ███ ██████▄▄▀█▌ ░▄░░███▀████ ░▐█░░███░██▄▄ ░░▄▀░████▄▄▄▀█ ░█░▄███▀████ ▐█ ▀▄▄███▀▄██▄ ░░▄██▌░░██▀ ░▐█▀████ ▀██ ░░█▌██████ ▀▀██▄ ░░▀███ | | ▄▄██▀▄███ ▄▄▄████▀▄████▄░░ ▀▀█░░▄▄▄▄████░░ ▐█▀▄▄█████████ ████▀███░░▄░ ▄▄██░███░░█▌░ █▀▄▄▄████░▀▄░░ █▌████▀███▄░█░ ▄██▄▀███▄▄▀ ▀██░░▐██▄░░ ██▀████▀█▌░ ▄██▀▀██████▐█░░ ███▀░░ | | | | |
|
|
|
CryptoPanda
|
|
January 16, 2023, 10:14:42 PM |
|
I have seen many ads popping up related to conversations I had with others while I was near my phone or laptop.
That’s happened to me more than once. I can imagine how much data some companies have collated from users over the years, I think it’s some sort of side hustle for these companies, they spy on us and sell our data to the highest bidder mostly advertising companies. It gets really bad when this data finds it way to the dark web. I don’t blame the Trump and Biden for banning certain foreign media apps from being used in the US.
|
|
|
|
Sandra_hakeem
|
|
January 16, 2023, 10:42:53 PM |
|
This are things a sane person won't try at all... I keep saying it What's the point of getting registered on a decentralized platform just to end up giving away your earnings on a centralized exchange, knowing too well the unbearable disadvantages? C'monnnn, this is been said over time. Password managers ain't even an option to choose for something as important as your seed phrase -- I won't even save my forum account info on it, talk more of the keys to your FREEDOM? NO!!
Sandra 🧑🦰
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
Jatiluhung
|
|
January 16, 2023, 10:52:40 PM |
|
At least I never store my personal wallet seed Phrase (long term investment only wallet) in a centralized password manager. Because if we think logically then what is the reason we trust a centralized password keeper more than our family or ourselves. I didn't even tell my family. then there's no reason for me to trust a centralized password manager. but that's just for my long term investment wallet seed phrase. whereas for personal wallets that are used daily and there are not many assets in them. because I keep doing transactions on it I don't overly complicate myself to save the seed Phrase.
|
|
|
|
sheenshane
Legendary
Offline
Activity: 2492
Merit: 1232
|
|
January 16, 2023, 10:59:33 PM |
|
Don't store all your valuable credentials, which can be accessible by the internet because there's a chance of getting hacked, just like a password manager, this isn't a necessary tool for keeping passwords or any credentials that are valuable to you.
As long as it's possible can access the internet your seed phrase is vulnerable or prone to hacking. Writing it down on a piece of paper or engraving it into a piece of metal is the best way to protect your privacy, stay offline and you're just fine not unless if someone steals it personally.
|
|
|
|
BitMaxz
Legendary
Offline
Activity: 3430
Merit: 3165
Playbet.io - Crypto Casino and Sportsbook
|
|
January 16, 2023, 11:21:55 PM |
|
Why would you save the seed phrase backup into a centralized password manager or any password manager this software was just created for passwords not for very important backups like private keys or seed phrases. Backup seed phrases shouldn't be shared with anyone for the safety of these back-ups you need to manually rewrite them into a piece of paper or save it to any device offline so that you are far from leaks.
If you are going to use any software that has a cloud server like a password manager then that's risky there are many people being hacked because of sharing and using weak passwords, leaks, malware, virus, phishing, and many attacks online to protect from harmful online activity always backup your important data to the offline device(That you know you will never connect it to the internet forever). I have a laptop with broken LCD but all my backup I can still open it and connect laptop to external monitor so that I can still access it and all my backup are there and safe the only problem is that it is still Windows 7 I disable/remove wifi/internet connection of this laptop to make sure I never use it to any online activity.
|
|
|
|
dansus021
Copper Member
Legendary
Offline
Activity: 2184
Merit: 1010
Part of AOBT - English Translator to Indonesia
|
|
January 17, 2023, 12:39:55 AM |
|
Yeah, I heard about what happened to LastPass but to be honest we still need a password manager, and most of a password manager is centralized, why we need password manager because I personally keep changing the password on every account which is good since using the same password will get you hacked when one of your accounts got hacked.
Right now I'm using google chrome default password manager but my brother doesn't recommend it so they take me to Bitwarden that they say this was open source
|
| | . .Duelbits. | │ | ..........UNLEASH.......... THE ULTIMATE GAMING EXPERIENCE | │ | DUELBITS FANTASY SPORTS | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ████████████████▀▀▀ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | . ▬▬ VS ▬▬ | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ███████████████████ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | /// PLAY FOR FREE /// WIN FOR REAL | │ | ..PLAY NOW.. | |
|
|
|
lovesmayfamilis
Legendary
Offline
Activity: 2268
Merit: 4533
✿♥‿♥✿
|
|
January 17, 2023, 05:47:08 AM |
|
Right now I'm using google chrome default password manager but my brother doesn't recommend it so they take me to Bitwarden that they say this was open source
I think your peace of mind about the safety of your passwords in the browser is just a matter of time. Even here on the forum, it has been written a thousand times that simply trusting the Chrome browser is the same as walking naked in front of an open window, so you also trust him with something that should be stored very carefully. I will explain more clearly. Hackers need a little. You just need to follow the link they need, and it can be disguised as a completely decent and useful site. By clicking on the link, you will get something similar to an error; you will be informed that you did something wrong, then you calmly press the "OK" button and think that you have calmly left. But you have already sent the hackers all the passwords that were saved in the browser. https://www.doyler.net/security-not-included/xss-password-stealing
|
|
|
|
witcher_sense
Legendary
Offline
Activity: 2450
Merit: 4415
🔐BitcoinMessage.Tools🔑
|
|
January 17, 2023, 07:36:45 AM |
|
Right now I'm using google chrome default password manager but my brother doesn't recommend it so they take me to Bitwarden that they say this was open source
Open-source password managers like Bitwarden, KeePass (for Windows), and KeePassX (for Mac and Linux) allow you to generate very robust passwords and passphrases using a system source of random data. Unlike browsers' in-built password managers, they store sensitive information in encrypted containers, which is decent protection in case of physical access to your device. If someone were to find your phone with the google chrome browser installed, he would extract all your passwords by clicking two buttons, but he would have a hard time trying to hack your encrypted password manager application. However, all this doesn't mean that password managers are the right place to store seed phrases because there is no such thing as an unhackable application.
|
|
|
|
Crypt0Gore
Sr. Member
Offline
Activity: 966
Merit: 281
Playbet.io - Crypto Casino and Sportsbook
|
|
January 17, 2023, 08:58:29 AM |
|
I've lost some passwords to hackers through google password manager and the reason why they still don't have access is Gmail code and 2Fa code, most times I get message alert that someone is trying to log into my twitter account and other platforms until I changed the password to something stronger...
Imagine keeping crypto wallet recovery seeds this same way, it's complete stupidity of anyone to do such.
|
|
|
|
hd49728
Legendary
Offline
Activity: 2268
Merit: 1127
|
If you don't want to use Lastpass, keepass because of security concerns, I am so surprised to see you're ready to store your password on your browser, Google Chrome and use Google Password manager. Do you think something is wrong? Google don't have good reputation about their data protection for users. They even proactively collected data from users and sold it somewhere to convert free data to their income like Facebook. If you have ever saved your passwords on Google Chrome, Google password manager, it's time to change all your passwords and never repeat it. If you use gmail, you can check [Guide] How to know if your email address was part of any data breach.
|
| CHIPS.GG | | | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀░▄░▀▀▀▀▀░▄░▀███▄ ▄███░▄▀░░░░░░░░░▀▄░███▄ ▄███░▄░░░▄█████▄░░░▄░███▄ ███░▄▀░░░███████░░░▀▄░███ ███░█░░░▀▀▀▀▀░░░▀░░░█░███ ███░▀▄░▄▀░▄██▄▄░▀▄░▄▀░███ ▀███░▀░▀▄██▀░▀██▄▀░▀░███▀ ▀███░▀▄░░░░░░░░░▄▀░███▀ ▀███▄░▀░▄▄▄▄▄░▀░▄███▀ ▀████▄▄▄▄▄▄▄████▀ █████████████████████████ | | ▄▄███████▄▄ ▄███████████████▄ ▄█▀▀▀▄█████████▄▀▀▀█▄ ▄██████▀▄█▄▄▄█▄▀██████▄ ▄████████▄█████▄████████▄ ████████▄███████▄████████ ███████▄█████████▄███████ ███▄▄▀▀█▀▀█████▀▀█▀▀▄▄███ ▀█████████▀▀██▀█████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀████▄▄███▄▄████▀ ████████████████████████ | | 3000+ UNIQUE GAMES | | | 12+ CURRENCIES ACCEPTED | | | VIP REWARD PROGRAM | | ◥ | Play Now |
|
|
|
NeuroticFish
Legendary
Offline
Activity: 3850
Merit: 6583
Looking for campaign manager? Contact icopress!
|
|
January 17, 2023, 09:45:15 AM |
|
If there are significant funds in discussion, the seed phrase should not touch even the computer or smartphone that will ever be connected to the internet. This supersedes the use of password managers, e-mail, cloud or whatever. I don't understand, people no longer have paper and a ball pen in their homes?! Is it so difficult to actually write down (a couple of times) 12 or 24 English words? They have to put everything onto the internet? WTF?!
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
January 17, 2023, 10:13:58 AM |
|
Removing you seed phrase from a password manager is not enough. If the seed phrase is in the password manager in the first place, then it has been stored electronically on a computer with an internet connection. You should therefore assume it is already compromised. Instead you should set up a brand new wallet with its seed phrase only backed up via pen and paper and move all your coins over to this new wallet. Additionally, I would advise against saying your seed phrase aloud if you use voice-activated devices like Alexa, Siri, or Cortana. I don't want to sound paranoid in saying this. It's impossible to completely rule out the chance that these gadgets are listening in on our chat and that, in the event of a hack, your seed phrase will be stolen. Rather than it being impossible to rule out that these devices are listening to you, it has been widely confirmed multiple times that they are listening to you at all times, and what you say is being transferred to centralized servers for storage and analysis. Anything you say in the vicinity of one of these devices is on a third party server somewhere, and you have no idea who has access to it. Right now I'm using google chrome default password manager but my brother doesn't recommend it so they take me to Bitwarden that they say this was open source Google were caught storing users' password in plain text for over a decade. I wouldn't trust them with a single satoshi. I would suggest using KeePassXC or Bitwarden.
|
|
|
|
Crypt0Gore
Sr. Member
Offline
Activity: 966
Merit: 281
Playbet.io - Crypto Casino and Sportsbook
|
|
January 17, 2023, 10:25:37 AM |
|
If you don't want to use Lastpass, keepass because of security concerns, I am so surprised to see you're ready to store your password on your browser, Google Chrome and use Google Password manager. Do you think something is wrong? Google don't have good reputation about their data protection for users. They even proactively collected data from users and sold it somewhere to convert free data to their income like Facebook. If you have ever saved your passwords on Google Chrome, Google password manager, it's time to change all your passwords and never repeat it. If you use gmail, you can check [Guide] How to know if your email address was part of any data breach.Every Chrome browser users automatically have their password saved by the browser for easier log in later, since all the websites I am engaging with are not money saving platforms I am fine with google password manager, when it comes to my online bank account for example or exchange account my password and security level is crazy.. My password alone is over 20 alphabet with a mixture of signs and other things I don't want to say.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
January 17, 2023, 10:29:51 AM |
|
Every Chrome browser users automatically have their password saved by the browser for easier log in later Then turn it off. Or better yet, stop using Chrome since it is literally spyware.
|
|
|
|
hosseinimr93
Legendary
Offline
Activity: 2576
Merit: 5666
|
|
January 17, 2023, 10:33:48 AM |
|
Every Chrome browser users automatically have their password saved by the browser for easier log in later,
You can go to Settings > Autofill > Password Manager and uncheck "Offer to save passwords". Take note that even if "Offer to save passwords" is checked, it doesn't save your passwords automatically and it always ask you whether you want the password to be saved or not.
|
|
|
|
|