Password Managers

My wife, who is more paranoid (cautious) than me, reviewed a number of password managers and chose Sticky Password. We've used it for over a year and like it very much.

Prior to this used Keepass for years.
 
I use KeepassX. Keep passwords on a thumb drive, not on my hard drive. Keep a back up copy on my keyring.
 
Used PasswordSafe for many years but converted to LastPass a few months ago and have not regretted it.
 
I am currently using LastPass (with Chrome). I used to use Roboform and like LastPass the most. I have considering trying out Dashlane as well though since it gets very good reviews.
 
Sampled several PWM a couple years ago. (Dashlane, 1PW, KeepassX and Lastpass) I chose to go with Lastpass and have had no regrets. I'm up to 109 websites and only know my Master Password.
 
One very cheap, and highly secure solution is to create either a password protected document or spreadsheet, containing all your passwords, security questions, etc. In Widows, MS Word and Excel both allow you to Save As .... and the advanced options are where you create the single password. The password is required to open the document or spreadsheet, and is 128-bit encrypted, which is as secure as it gets. Leave the document on your hard drive, with some obscure, un-interesting name (not "Passwords" duh). Also, each time you need to update it, print out a copy and keep it in a secure place in your home. Be sure to NEVER forget the single master password or you too will be unable to open your file.
Word and Excel work this way on Windows. I am reasonably sure that they work on Macs, and possibly the native Mac Pages, and the native spreadsheet for Macs named Numbers work this way too !
 
mcbraemer said:
Word and Excel work this way on Windows. I am reasonably sure that they work on Macs, and possibly the native Mac Pages, and the native spreadsheet for Macs named Numbers work this way too !
Click to expand...

MS Word on Android ("Office Mobile") works this way too. However, the Google Docs app can't open an encrypted Word document.
 
I have never had a password manager. I have never needed one. Now there is no way I can keep track of or remember all my passwords, so I have them all written down on some paper that is clipped together. I do keep it updated. It works for me as only I know where the paperwork is located.

There is more than one way to do things. It's whatever works for you.
 
mcbraemer said:
One very cheap, and highly secure solution is to create either a password protected document or spreadsheet, containing all your passwords, security questions, etc. In Widows, MS Word and Excel both allow you to Save As .... and the advanced options are where you create the single password. The password is required to open the document or spreadsheet, and is 128-bit encrypted, which is as secure as it gets. Leave the document on your hard drive, with some obscure, un-interesting name (not "Passwords" duh). Also, each time you need to update it, print out a copy and keep it in a secure place in your home. Be sure to NEVER forget the single master password or you too will be unable to open your file.
Word and Excel work this way on Windows. I am reasonably sure that they work on Macs, and possibly the native Mac Pages, and the native spreadsheet for Macs named Numbers work this way too !
Click to expand...

Yes, I thought about just having an encrypted spreadsheet containing all my userid, password and related notes (like challenge Q&A for password resets). But for me, just using a password manager to keep this info is easier than maintaining such a spreadsheet.

For me, using Password Corral as my password manager at least looks kind of like a spreadsheet :).

Note: attachment not my file, but a screenshot sample from Password Corral
 

Attachments

  • freeware-pc-02-2.gif
    freeware-pc-02-2.gif
    27.3 KB · Views: 19
Looks good ! I guess one of the advantages of some of the Password Manager programs is that they create, and enter for you, highly complex passwords like those shown above. These passwords would be harder to crack, I am told. Using my Word/Excel system still requires me to manually type passwords and usernames into each website/application - therefore my credentials are probably not as robust as those that a Password Manager would create for me.
I will look into the ones mentioned here too, but for now, it "seems" to be working OK for me.
 
mcbraemer said:
Looks good ! I guess one of the advantages of some of the Password Manager programs is that they create, and enter for you, highly complex passwords like those shown above. These passwords would be harder to crack, I am told. Using my Word/Excel system still requires me to manually type passwords and usernames into each website/application - therefore my credentials are probably not as robust as those that a Password Manager would create for me.
I will look into the ones mentioned here too, but for now, it "seems" to be working OK for me.
Click to expand...

In the sample above, those fields are actually Password Corral's encrypted lettering as that program can display regular text or encrypted (in case of folks looking over the shoulder).

One other advantage I see of using a password manager is for most, the userid fields are already sorted. When having a lot of userids, not sorting can be a chore to go through or sort on your own.

Using a good password generator is important as sites have different requirements of varying lengths and special characters or not.
 
Which one or ones are open source?

I've been a LastPass Premium user for years, but they doubled the price, which I could have tolerated, but at the same time, the plug-in Firefox started working in fewer and fewer cases, causing me to go the copy paste route. The motivation for going premium was the sharing with mobile, but although the Android app worked OK, it never worked very well with the mobile browser.

I was and am uncomfortable with a closed source solution, but bit my tongue because it used to work seamlessly. Lately, with the drop in quality, I'm doing copy paste anyway, I might as well go with something that is less likely to have a hidden back-door.
 
sengsational said:
Which one or ones are open source?

I've been a LastPass Premium user for years, but they doubled the price, which I could have tolerated, but at the same time, the plug-in Firefox started working in fewer and fewer cases, causing me to go the copy paste route. The motivation for going premium was the sharing with mobile, but although the Android app worked OK, it never worked very well with the mobile browser.

I was and am uncomfortable with a closed source solution, but bit my tongue because it used to work seamlessly. Lately, with the drop in quality, I'm doing copy paste anyway, I might as well go with something that is less likely to have a hidden back-door.
Click to expand...

Did a search and filter for you at https://alternativeto.net/browse/search/?q=password manager&license=opensource&platform=windows

platform as windows, liscense is open source. You can change the platform and liscense for other requirements.

There are a lot of password managers. This is a good or bad thing depending on your perspective :cool:.
 
sengsational said:
Which one or ones are open source?

I've been a LastPass Premium user for years, but they doubled the price, which I could have tolerated, but at the same time, the plug-in Firefox started working in fewer and fewer cases, causing me to go the copy paste route. The motivation for going premium was the sharing with mobile, but although the Android app worked OK, it never worked very well with the mobile browser.

I was and am uncomfortable with a closed source solution, but bit my tongue because it used to work seamlessly. Lately, with the drop in quality, I'm doing copy paste anyway, I might as well go with something that is less likely to have a hidden back-door.
Click to expand...

I was a LastPass Premium user too. Then I just let the fee drop (somewhere you select to stop automatic renewal). There were no changes so far to its operation using the free mode and no advertising that I see yet.

I also use Firefox and don't have too many problems with password injection. Sometimes I have to right click in the login window and select LastPass autofill. It's true that LastPass isn't functioning quite as robustly but I'm guessing these issues will clear up over time.
 
Can someone explain how they actually use their password manager? I downloaded KeyPass and I understand the use of the program. What I'm looking for is how you functionally use the software.

To me, it sort of looks like I would use it the way I use my spreadsheet. 1st, it's password protected, so I open up the spreadsheet with my passwords. Then, I look up my desired site (visually) and get the password. Usually it's pretty basic so then I just go to the site and type it in. With KeyPass, it looks like I would do about the same thing only since it has a password generator, I'd probably copy and paste the password since it's complex.

Is any of this automatic or automatable? It seems like a good solution, but not too automated. Then I read about using something in the browser (not something I'm inclined to do) and those look like they take the lead and log you into the site (save your password).

Is that about how these things work? I want to upgrade my password organization and security, so would appreciate a bit of help beyond the brands of managers (which has been helpful) that I've gleaned from this thread. How do they physically work? Thanks!
 
My password manager, like most local ones encrypts the data on a file on my hard drive and has user name, password, url, and comments/notes field. The manager also has a password generator but I use a separate program for my password generating as the separate one works faster (I don't have to check and uncheck selections as often).

I try for randomness as that helps in security. Randomly generated passwords (except my master password, which I have memorized) along with randomly generated answers to those challenge questions ("Who was your favorite friend in grade school?" type questions). I use the comments/notes section of the password manager to store the challenge questions and answers along with other important information for that log in.
 
Jerry1 said:
...

Is any of this automatic or automatable? It seems like a good solution, but not too automated. Then I read about using something in the browser (not something I'm inclined to do) and those look like they take the lead and log you into the site (save your password).

Is that about how these things work? I want to upgrade my password organization and security, so would appreciate a bit of help beyond the brands of managers (which has been helpful) that I've gleaned from this thread. How do they physically work? Thanks!
Click to expand...

I only know about Lastpass usage. It is generally automatic in that most login windows on my PC have a little icon in it. Then the login & password are automatically injected, often after a second or two delay. To speed things up some sites might require a click on that icon to get up the selection. On some sites I will have to right click in the login window to get the Lastpass injection.

The password managers should work across devices. So if your have a smartphone with finger print ID (highly recommended) then you can get your login/PW to inject into some apps (like bank apps). Alternately you can launch an app from the password manager.
 
Jerry1 said:
Can someone explain how they actually use their password manager? I downloaded KeyPass and I understand the use of the program. What I'm looking for is how you functionally use the software.

To me, it sort of looks like I would use it the way I use my spreadsheet. 1st, it's password protected, so I open up the spreadsheet with my passwords. Then, I look up my desired site (visually) and get the password. Usually it's pretty basic so then I just go to the site and type it in. With KeyPass, it looks like I would do about the same thing only since it has a password generator, I'd probably copy and paste the password since it's complex.

Is any of this automatic or automatable? It seems like a good solution, but not too automated. Then I read about using something in the browser (not something I'm inclined to do) and those look like they take the lead and log you into the site (save your password).

Is that about how these things work? I want to upgrade my password organization and security, so would appreciate a bit of help beyond the brands of managers (which has been helpful) that I've gleaned from this thread. How do they physically work? Thanks!
Click to expand...

When I first used keepass, I tried it with 1 site, quite a bit to be sure I liked it and then added more once I was comfortable.
Now I have 100's of sites each with a different username, pwd, in it.

I use keepass, when you shut off your computer, the keepass database file is encrypted.

I have a very long password and set up a key file for the database (when first setting up a database it helps you set up a key file).
The keyfile is simply a file on your computer, that has to be there to open the database.
The keyfile is combined with your password to open the database.
The keyfile is simply a specially generated text file, and if you change part of it by even 1 character, using the correct password will still not open the database.


In keepass, I put the URL (https://.....) of the site., my user name and password.
Then when I want to go to a site, I just double click on the URL and it opens my browser to that site, I double click user id entry on keepass which auto copies it to the clipboard and I paste that in browser field.
I doubleclick the password in keepass and paste that in the browser as well.

You can set how long the auto copy keeps it in the clipboard before it wipes it clean.

When registering at a site, I see what their rules are for passwords, open the generator and set the settings then it generates a password for that site. I save the database to keep all settings saved when I change something.

I make copies of the database and key file on thumbdrives as backup.

for each site entry, you can edit the area below for whatever you want, so I use it to keep the security questions and answers , and maybe the bank address and phone number.
 
Thanks. I should have, but didn't think of the YouTube idea. That was very helpful.
 
You must log in or register to reply here.

Similar threads

A
PC security and hacking!
Replies
21
Views
1K
walkinwood
walkinwood
Janet H
Forum Downtime - software update scheduled April 23/24
2
Replies
36
Views
1K
Out of Steam
Out of Steam
Janet H
Forum Update - We're back! Ask your questions here.
3 4 5
Replies
121
Views
2K
USGrant1962
USGrant1962
R
Travel Hack - Works for Me
2
Replies
27
Views
2K
CarbonaNotGlue
C
S
Google Password Manager Failed
Replies
10
Views
970
rk911
rk911

Latest posts

Back
Top Bottom