Password managers
Posted by Chael Sonnen
Posted by
Chael Sonnen
posted in
Other Stuff
Password managers
Hey,
A while ago, I saw some people talk about password managers on here, and perhaps a short trial on how to use them.
Could you guys recommend me a safe password manager? At the moment, I've got too many bad passwords, and I'd like to keep my funds safe.
Thanks.
Loading 19 Comments...
KeePassX is a good one.
I like 1Password
So what happens to your passwords? Do you just keep the same ones?
Is the point of software like this that you can use a really difficult password, because you can look it up?
Or does the software change passwords randomly? I don't think that's possible, is it?
I use Keypass.
It randomly creates complex long passwords and keeps track of them all. You use one password to enter the program and then you have your library of passwords right there that you copy paste whenever you need them. If you want you can choose your own passwords and just use the program for book keeping in case you forget.
Keepass, right?
But how does the software change passwords? Surely, it can't go into all the software and follow instructions to change passwords?!
Can't find any tutorials.
Password managers can't change passwords for you, but they can generate random ones when you want to change passwords anywhere. Passwords are kept in a library and you copypaste them when you need them.
You only have to remember the master password to the manager to unlock access to the others. The passwords are stored in an encrypted file. If someone else has access to your computer, they can not retrieve the passwords without the master password. So you want that one to be hard to guess, and you have to remember it.
Keepass is great.
However, I much prefer a password system which is safe and allows me to remember hundreds (!) or even thousands of passwords with little to no effort, with no help but my memory.
It's amazing when you visit a website where you didn't login for 2 years, however, applying the system you "remember" easily your password.
I love the freedom and security it gives me.
Basically, you choose a master password, easy for you to remember but difficult to crack, and you add to it a coded prefix which is based on the site you visit (thus always different).
Examples :
I first choose a "difficult to remember" master password, let's say :
JsQh%KhQd9c&Tc$4s
Btw, it's easy to remember as it is just a memorable (for me) poker hand, to which I added some special characters of my choice (always the same) :
JsQh % KhQd9c & Tc $ 4s
Should I forget the master password, I just go to my favorite site and visit one of my favorite poker hand discussion :
http://www.runitonce.com/nlhe/2p2-thread-would-appreciate-comments-fr/
My system to personalize site specific password prefix is to reverse the 5 last letters of the site, so
here are my passwords for :
- runitonce.com : ecnotJsQh%KhQd9c&Tc$4s
- twoplustwo.com : owtsuJsQh%KhQd9c&Tc$4s
- pokernews.com : swenrJsQh%KhQd9c&Tc$4s
Changing them regularly is a breeze, as you just have to come up with a new memorable poker hand to easily generate a new master password.
To get use to it and memorize it, you can even display anywhere you want the hand with the seven cards, and no one would be able to crack your passwords.
No need for Keepass :-) ...
... except you might want to use it if something happens to you, and you want someone to be able to use your passwords.
More info here :
http://lifehacker.com/184773/geek-to-live--choose-and-remember-great-passwords
http://open.bufferapp.com/creating-a-secure-password/
Which software do you use?
His brain?
errrr ... I don't use no software ! I don't need it !
That is just a simple, solid pasword construction method that doesn't require a lot of effort to memorize any number of passwords; if you know the method, you can recall any unique password for any site even in ten years form now !
Just try it !
If I was Chael Sonnen, my master password would be :
AcAh%7c6h4h&Kh$Qc
(remembered here : http://www.runitonce.com/nlhe/tough-river-spot-3/ )
and my password for runitonce.com would be :
ecnotAcAh%7c6h4h&Kh$Qc
I'll still know it (= reconstruct it) ten years from now !
Dashlane is the best
Do you guys use 'remember password' for poker sites, or do you copy/paste every time you log in? Or remember the complex password.
If the software has a master password, with which you case access all you other information, then why is that safer than just having more simple passwords? If someone were to hack your PC and find out the master password, you're done.
But if you have lots of different passwords, you'll be safer, right?
When somebody has hacked into your computer and can see all you are doing there, all bets are off regardless of how you handle passwords. Good password routines can not replace good computer security routines.
Password managers make it easier for you to maintain good password routines. Specifically, using unique and impossible-to-crack/guess passwords for zillions of sites without having to remember more than one, and without storing them insecurely (like having them written down in a plain text file, as some surely do, which is horrible practice).
safeincloud is very good, have been using it on both my android and pc for a long time.
Been trying Keepass, but it takes so much time.
When I need to log in on MB, I have to:
-Unzip Keepass
- Fill in the password to open it
- Get the MB password
- Copy/paste it into MB.com
You can't do this shit for everything. It will make you go crazy, won't it?
KeePassX comes as an exe file. Unzip it once into some folder. Make a shortcut to desktop and open it like any other program thereafter, filling in master password upon opening.
No need to close it between uses, just keep it open and copypaste passwords from it when needed. :-)
But if someone hacks you when you've got it opened, they'll know all of your passwords!
If they hack you while you've got one program open, they can only hack that particular program!
Keeping all of your passwords in one place can't be safer, right?
The passwords are stored in an encrypted file on your disk. Someone with access to your computer might get to the file, but won't be able to read it. If you have the file open in the password Manager, doesn't mean someone sneaking in from the outside can see its contents. That said, if you have malicious software on your computer, all bets are off, even if your passwords might still be safe. So computer security needs to be in place. :-)
Password security is about protecting yourself against password cracking, and against forgetting passwords.
Say you are lazy and use same password several places, and a bad one. Someone uses a password cracker to brute-force guess that password on a site with sloppy security (and not your fault), and now they have a shot at getting into your other accounts as well.
Be the first to add a comment