Password "Vaults" or storage options

pharkurnell on 27/08/2020 - 17:01
Last edited 27/08/2020 - 17:01

Just after some ideas of ways of storing passwords that you rarely use… Got sick of counting the fire hydrants while trying to guess passwords are 12mths since you last used them.. Then trying resetting it to be told you can't use one you've used in the last 15 resets… So go and use something you'll never remember.

Any good suggestions, I've looked at a few, but not sure how secure these types of things are…
But might be better than 500 post it notes around the screen or a book next to the keyboard like some of the people at work have.

Computing Password Manager

Comments

  • Vote for Pedro on 29/08/2020 - 13:41
    -3

    What benefits do all these password managers have over iOS keychain? I just don’t get it

  • [Deactivated] on 29/08/2020 - 14:36
    +2

    Enpass - https://www.enpass.io/

    No dependencies, secure.

  • Sr11 on 29/08/2020 - 14:52

    I use the app 1password. Works well for me. Theres an online version and andriod app.

  • Hansi on 29/08/2020 - 15:30
    +1

    May I suggest you use 2FA(two factor authentication)( I personally use Authy) with your password manager. Otherwise if someone knows your master password, they have access to ALL of your othrt passwords.

    • spaceflight on 29/08/2020 - 21:51

      If you use the LastPass it will synchronise your 2FA details back to the password vault which is useful if you ever lose your device.

  • indian81 on 29/08/2020 - 15:41

    Sticky password with lifetime subscription. I have set up accounts for my whole family and can share the passwords with them and it’sa one time cost for me. Find it convenient using on multiple devices and ask my passwords are minimum 20 characters wherever they are supported. Sometimes pain to enter if you don’t have option to copy/paste and have to type, e.g. on TV and with TV remote.

  • orangehighlight on 29/08/2020 - 15:48

    What do people think about SecureSafe? It's the one that I got introduced to but I'm not sure.

  • Okayy on 29/08/2020 - 20:15

    Keychain! But it’s limited to Apple Ecosystem.

  • kaleidoscope on 29/08/2020 - 20:51

    lastpass + icloud keychain

  • Jimh66 on 30/08/2020 - 00:12

    My work pays for a 1Password subscription these days, but I’ve used it for years before work offered it. The fact that LastPass has been hacked more than once decided it for me. I’m sure it’s safer these days.

  • vroomkroom on 30/08/2020 - 07:20
    +1

    I was told by a really good cyber security consultant to use "Forgot password" everytime for occasionally used passwords and delete the email after using them once. I really do not know if this provides more safety. Very keen to hear on the authenticity of this method from other cyber security professionals !!

  • movieman on 30/08/2020 - 07:40

    I use a piece of paper.

    Generally new passwords will be the current date (ie 29August) or some variation, based on the requirements.

  • bhm133 on 30/08/2020 - 08:03

    Serious question.

    What do you use for a public/work computer if you want to access Gmail etc? At work we could use several different desktops in any given day.

    • nodeahs on 30/08/2020 - 08:20

      Use the appropriate app, I do that with 1password. Only annoying thing is typing in a 15 digit string of characters 😅

    • greatlamp on 30/08/2020 - 11:37
      +1

      Assime your password will eventually be stolen and Make sure you have 2 Factor authentication connected to an app.

  • Loopholio on 30/08/2020 - 09:13

    No one else still uses TrueCrypt? I have my passwords (other than those stored by google that I don't care enough about) stored in text file with other stuff, like google backup codes.

    • bsbozzy on 30/08/2020 - 15:00

      Cool kids have moved to Veracrypt after Truecrypt stopped all development

  • D6C1 on 30/08/2020 - 09:35

    How about Dropbox passwords?

  • JoJoker on 30/08/2020 - 11:36

    Bitwarden

  • tril3mma on 30/08/2020 - 14:19

    Highly recommend Bitwarden for ease of use and it's open source

  • Dr Techno on 30/08/2020 - 15:22

    Mooltipass (hardware pw manager)
    https://www.themooltipass.com/

  • karu on 30/08/2020 - 16:29
    +2

    Using Bitwarden with a Yubikey.

  • [Deactivated] on 30/08/2020 - 19:51

    Keeper or 1password

  • ratman on 30/08/2020 - 20:29

    I use a keypass compatible database stored on my home server (and replicated to all my devices). I can access it thru a next cloud webapp from any browser which is handy in a pinch.

    Edit: oh, and use a diceware generated master pass phrase.

  • [Deactivated] on 30/08/2020 - 21:14

    Youre not that important…password manager companies love you tho 👌

  • bigbadboogieman on 30/08/2020 - 23:49

    Just use gibberish and click forgot password. Works everytime for me.

  • pippohippo on 31/08/2020 - 09:46

    +1 on Lastpass - free to use, easy to use. 2FA is nice and simple. Can leave notes and comments on each login credentials.

  • vicerum on 31/08/2020 - 13:54

    I've been using KeePass for about 12 years, with the db stored in Google Drive (previously on Dropbox).

    I have over 400 passwords stored there, it's perfect.

    Available on all my devices, free forever, open source, secure.

  • lazarski on 31/08/2020 - 18:38

    if after pw manager -> Bitwarden

    better than Last Pass

  • justwii on 31/08/2020 - 19:00

    How can anyone possibly trust anything "storing" your passwords for you?

    • vicerum on 31/08/2020 - 19:35
      +1

      The same questions can be raised around things like online banking. Why do people trust websites to store and transfer their money?

      Trust is a subjective term for most, and usually it depends on your threat levels. If you're a Korean diplomat carrying secrets for the government, chances are the "trust" you require from your applications and tools is far greater than if you were a housewife in Frankston looking after a seven-year-old and logging into Facebook couple times a day.

      For the majority of people, having strong, long, complex passwords which are different for every website, app, login, terminal, account, is very difficult. Your two options are either to compromise on security and use Password1234 variants everywhere, or try to memorise each and every password, inevitably forgetting the seldom used ones.

      Password managers take that stress away from you. You remember one single complex master password, and that lets you have access to all the other passwords. No compromises. They even let you store different email addresses for each account, and many have features around storing secure notes, attachments, tax details, 2FA tokens, and integrating with hardware keys like Yubikey for additional layers of security.

      They're widely trusted by the community because of a long-running history of compliance (LastPass, 1Password, etc.) and being open-source (KeePass, Bitwarden, etc.) which means their code is open for inspection and verifying it's doing what they claim it's doing.

      Maybe if you only have a couple of accounts and you're happy trying to remember passwords, that's fine. For the other 99% of people I see it as a fairly basic yet critical aspect of online life.

  • shaybisc on 01/09/2020 - 08:11

    I was temporarily excited by this on Humble Bundle:

    https://www.humblebundle.com/store/lastpass?hmb_source=searc…

    "Last Pass Premium

    LastPass/10 Years of Security"

    $48.99

    Which I read as … well you can see. But it's only for 1 year. They are kidding. I'm switching to Bitwarden after my current LP subscription finishes next year.

Login or Join to leave a comment
Login Join