How do you manage your passwords?
-
I bought a yubikey from Mt Gox not knowing it only worked there… Ive considered getting another but I dont see many places that work with them so I haven’t.
-
Loads of stuff works with Yubi, lastpass too. I’ve got a Mt Gox Yubi too, haha, but I didn’t pay for it.
-
I don’t like keepassdroid app, it’s ok for viewing your database but it doesn’t autofill the browser like lastpass. trying Keepass2Android, will keep you posted
-
I’ve gone for Keepass2Android offline, since I don’t want something that knows my password to have internet access privileges.
-
Let me know how it works for ya, I may just switch.
-
It’s working well. It’s just not quite as slick as lastpass, the browser integration with lastpass is just plain better unfortunately. Don’t get me wrong, it works, but I think I’ve been spoilt.
I’m using the hive folder in spideroak to store the database, it syncs changes up pretty quickly. But I’m happy with Keepass, it’s free and open source. Now we just need to replace spideroak with StorJ and I’ll be a happy bunny.
If anyone wants to try spider oak and doesn’t mind using my referral link it’s here
-
My Brain
-
Sadly my brain isn’t that good. I can’t remember a strong unique password for each site use.
-
nothing beat paper and pencil so far
especially today when every hdd is highjacked with superfish
-
Happy with keepass + firefox plugin + spideroak. It’s good.
-
nothing beat paper and pencil so far
especially today when every hdd is highjacked with superfish
Perfect. I’m used paper too…
-
Lastpass - only way to fly!
-
Lastpass was hacked.
What a stupid idea to centralize all your passwords on other person hdd.
Use pen and pencil dammit.
-
What about blockchain? :)
-
Mirrax, that’s terrible advice. I’d still argue that last pass is still a better solution for most people than using one password for all websites, which is what plenty of people do.
I mean let’s not blow this out of context, even if last pass’s server side DB fell into the wrong hands, each user’s database is individually salted and hashed 1000 times.
The risk is without a password manager people struggle to manage a unique password for every website, resulting in them trusting hundreds of less secure websites with their password.
Sure pen and pencil are great, but it requires a strictness most people don’t posses
-
If you do use paper, use a random password generator like Keypass to generate strong unique password for every website before writing it down in multiple secure locations.
-
Look it’s the desk of Mirrax :)
-
Look it’s the desk of Mirrax :)
Still better than uploading all my passwords to lousy cloud…
-
Still better than uploading all my passwords to lousy cloud…
Mirrax, for the benefit of others, can you help them understand your paper method? How do you produce sufficiently strong unique passwords like say “90^,z+!ZAuGelOf” ? Where do you store them? How do you protect your paper copies against the elements? How do you keep backup copies in case you damage your original? If you need a access to your passwords on multiple machines, how do you ‘take your passwords with you’? Since you can’t auto polulate from your encrypted database, do you have to type your password in each time, or do you allow your browser to insecurely remember them? If it’s the latter, what about your own computer being hacked?
-
Mirrax, for the benefit of others, can you help them understand your paper method? How do you produce sufficiently strong unique passwords like say “90^,z+!ZAuGelOf” ? Where do you store them? How do you protect your paper copies against the elements? How do you keep backup copies in case you damage your original? If you need a access to your passwords on multiple machines, how do you ‘take your passwords with you’? Since you can’t auto polulate from your encrypted database, do you have to type your password in each time, or do you allow your browser to insecurely remember them? If it’s the latter, what about your own computer being hacked?
Paper + pen.
I dont care about elements.
Yes, type each time.
Thats my method and it works really worm, I mean well.
EDIT: It is just paper, it will never have all fancy gimmicks like lastpassword. Yet still it is safer by design.
Thats it you are focusing on gimmicks to much in general.
