Password managers. Worth it?
Discussion
Have a look at the LastPass thread for what happens when these go wrong...
https://www.pistonheads.com/gassing/topic.asp?h=0&...
https://www.pistonheads.com/gassing/topic.asp?h=0&...
I've been using 1Password for a long time and it works really well for me. I use a Yubikey (well two, a primary and a backup) to secure the 1password vault.
What I like is that every site has a separate password and it integrates with Authenticator 2FA too so most sites are just one or two clicks to get in.
What I like is that every site has a separate password and it integrates with Authenticator 2FA too so most sites are just one or two clicks to get in.
Password managers are great. You can make all your passwords as hard as you want and you only need to remember one to open the vault. The master password just has to be long. You can make it a sentence that's personal and easy for you to remember, but difficult for a computer to brute force. You can setup 2FA on the vault as well if you want.
Only reason I avoid Keychain is it's tied to Apple products. BitWarden is available on all platforms so I can save a password via my iPhone and it's available on my Windows PC, for example.
It doesn't matter if the vault gets stolen, it's encrypted, so unless they have the master password, it's meaningless gibberish to anyone but you.
Only reason I avoid Keychain is it's tied to Apple products. BitWarden is available on all platforms so I can save a password via my iPhone and it's available on my Windows PC, for example.
It doesn't matter if the vault gets stolen, it's encrypted, so unless they have the master password, it's meaningless gibberish to anyone but you.
Key thing with password managers is to have the file stored in the cloud and cached locally. Quite a few of us use KeePass with the file being kept on OneDrive/GDrive/Dropbox/etc.
While the KeePass compile is for Wintel you can go to the downloads section to see a few options for MacOS (I also use it on Android and did on my old iPad). Note there are other alternatives people here use which do similar.
While the KeePass compile is for Wintel you can go to the downloads section to see a few options for MacOS (I also use it on Android and did on my old iPad). Note there are other alternatives people here use which do similar.
Password managers are a must these days.
I used to be on lastpass, left when they altered their pricing.
Now with Bitwarden. Couple of tips:
1. Use a really strong master password and 2FA to login, preferably with a hardware key.
2. Don’t have your 2FA tokens and passwords in the same app. Use Authy for tokens.
I used to be on lastpass, left when they altered their pricing.
Now with Bitwarden. Couple of tips:
1. Use a really strong master password and 2FA to login, preferably with a hardware key.
2. Don’t have your 2FA tokens and passwords in the same app. Use Authy for tokens.
somouk said:
Password managers are a must these days.
I used to be on lastpass, left when they altered their pricing.
Now with Bitwarden. Couple of tips:
1. Use a really strong master password and 2FA to login, preferably with a hardware key.
2. Don’t have your 2FA tokens and passwords in the same app. Use Authy for tokens.
Thanks. Signed up for Bitwarden and will see how that goes. Very nervous it won't do what i"m used to with autofill and saving, but we will seeI used to be on lastpass, left when they altered their pricing.
Now with Bitwarden. Couple of tips:
1. Use a really strong master password and 2FA to login, preferably with a hardware key.
2. Don’t have your 2FA tokens and passwords in the same app. Use Authy for tokens.
Until recently I was using LastPass … the less said about them the better
Switched across to Keychain - it dies everything I need password wise with Authy for 2fa
For secure data - I have that I. Secure notes which require a differbebt password to the screen unlock
For secure field I use Cryptomator
Switched across to Keychain - it dies everything I need password wise with Authy for 2fa
For secure data - I have that I. Secure notes which require a differbebt password to the screen unlock
For secure field I use Cryptomator
FlossyThePig said:
Slightly off-topic - Take the Password Test
I'm happy with that
And to return to the topic, i use Keeper as my password manager - synched across multiple devices (OS agnostic), plus 2FA when available.
FlossyThePig said:
Slightly off-topic - Take the Password Test
And while you're at it, check your email on thishttps://haveibeenpwned.com/
Ronstein said:
FlossyThePig said:
Slightly off-topic - Take the Password Test
And while you're at it, check your email on thishttps://haveibeenpwned.com/
Saw on Reddit this morning so thought it was apt to post.
With a password manager you start to see how many websites put too strict a limit on password length. With a password manager you want to use 64 character passwords with symbols as it makes no difference to you as a user, but a lot of sites limit you to less than 20 with no symbols allowed.
Brainpox said:
Saw on Reddit this morning so thought it was apt to post.
With a password manager you start to see how many websites put too strict a limit on password length. With a password manager you want to use 64 character passwords with symbols as it makes no difference to you as a user, but a lot of sites limit you to less than 20 with no symbols allowed.
The important assumptions are...
- Hacker has accessed your password hash, via a breach.
- Hashes are simple MD5. (bcrypt/PBKDF2 hashes used by most password managers take a lot longer)
- Hacker is attempting to crack YOUR password. (If they've breached 100K accounts, what are the odds they're going to crack yours?)
Brainpox said:
Saw on Reddit this morning so thought it was apt to post.
With a password manager you start to see how many websites put too strict a limit on password length. With a password manager you want to use 64 character passwords with symbols as it makes no difference to you as a user, but a lot of sites limit you to less than 20 with no symbols allowed.
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff