Passwords

[ERD50]

I've probably got 50 passwords presently. I've been thru the kids' names and the grandkids' names and the dog and cat names. Now I'm into nicknames.

And I'm not dumb enough to keep them on my computer in Microsoft Word. I've got the passwords on a piece of paper and it's kept in my safe.

Now if I could just remember where I put the combination to my safe, I'd be in good shape.

I think you posted before that you wrote the combination down on that piece of paper with your passwords. Does that help?

Anyhow, as I've posted before, I have two 'keywords', a prefix and a suffix, that I add to the password I have written down. Since my keywords are not written down in the same place, and are easy to remember, I am very safe saving these 'partial passwords' in an un-encrypted file, or leaving a list printed right by my computer. The 'keywords' are something like "APPLE123" and "zebra789". So the password I have written down for my local bank is "-lclbnk$-", and that is all I need to know that the real password is "APPLE123lclbnk$zebra789".


-ERD50

 

[CaptTom]

I've been on the sidelines, not really knowing where to start with password managers.

I was recently directed to KeePass, an open-source password vault program which has versions for Windows, Android and (I think) Apple products. So far I really like it.

The big benefit, to me, is that *I* decide where to store the encrypted password database. No need to set up an account on their server, and no putting all their customer's eggs (databases) in one basket, ripe for hacking.

I chose to put the password file on my own network-attached drive, and the Android app sync's to that, so I have all my passwords wherever I go. Apparently you can also choose to put it on any of the popular "cloud" services you already use.

And, being open-source, it's free and actively maintained. I found it very easy to use.

 

[Sunny]

If you ar a Windows / Android user get LastPass.

If you are a Mac / iOS user get 1Password.

Lots more out there, but those two are pretty well thought of. Personally I try not to use google’s products. If it is free, then YOU are the product being sold.

 

[CaptTom]

If it is free, then YOU are the product being sold.

Totally agree, when you're talking about for-profits like FaceBook, Apple, Google, Microsoft, etc.

But KeePass is open source. Also free, but a totally different animal.

 

[Sunny]

Totally agree, when you're talking about for-profits like FaceBook, Apple, Google, Microsoft, etc.

But KeePass is open source. Also free, but a totally different animal.

KeePass has a bit of an issue for me to suggest to a lot of people as it is not as intuitive or easy to use, is better suited for Windows than other platforms even though it works on other platforms, better suited for people who are more technology oriented, etc. but if it works for people, great. It lacks some bells and whistles, but nothing wrong with it as far as I know.

BTW I wouldn't lump Apple and Microsoft the likes of Facebook and Google. Take Apple....they make their money selling products to us consumers. Compare that to Google or Facebook, who makes money by selling products (us, our content, and viewing habits) to their real customers (marketers).
World of difference between those business models.

I don't know if KeePass is altruistic, but if there is an altruistic open source / free product out there, I take your point that there can be something free where you are not the product being sold. But I'd suggest that to be the exception rather than the rule for mainstream free products.

 

[happy2bretired]

If you ar a Windows / Android user get LastPass.

If you are a Mac / iOS user get 1Password.
.

I have 1Password but I’m afraid to use it. I’m so scared of being locked out. There was a video that I could watch but it wasn’t captioned.

 

[Sunny]

I have 1Password but I’m afraid to use it. I’m so scared of being locked out. There was a video that I could watch but it wasn’t captioned.

Well the one good thing is I'm guessing even if you got locked out most (all?) of the passwords could be reset with the respective websites or companies. And if you put in your CC#s etc. in there, you'd still have those.

But yes, I do suggest making sure you don't forget your master password no matter which password manager you elect to use.

If you wanted the video captioned because you can't here it and it was the video on 1Password's website, I just checked and it is hosted on YouTube. With YouTube videos you can often click the three little dots lower right of the video / above the subscribe button (on my screen anyway) and opt to see the transcript of the video. Don't know if that helps or not, thought I'd mention it.

 

[rpguy4]

I use an app called Password Safe (Android and Windows10) - Probably have over 100 passwords. Some neat features, like clicking on the entry, and it will automatically open up the URL, and log you in. It will also auto generate passwords for you based on user defined rules. You can also add notes or comments to each entry. It's free. (Just a user of the app)

 

[JustCurious]

Having strong passwords is important, but it is much more important to use 2 factor authentication for your important accounts like your primary email and your financial accounts. If you use a safe 2 factor authentication method like a security key or an authenticator or one time password app (something other than sms texts) in addition to a strong password, then you can feel safe that your account is secure.

 

[happy2bretired]

Thank you Sunny will look into the video on YouTube

 

[sengsational]

I have 1Password but I’m afraid to use it. I’m so scared of being locked out. There was a video that I could watch but it wasn’t captioned.

If your password manager has a recovery feature, that means your secret is shared, and you therefore trust who or whatever also has access to your secret. IMO, the only password manager to trust is one with zero recourse should you loose your master password. The simple solution is to write your master password on a sheet of paper and store it in a safe place. The idea that writing down your master password is somehow "bad" is wrong, that is, unless an evil doer has access to your papers. I suppose that could be true if you had untrusted service personnel, but that threat can be mitigated by writing down a slightly wrong master password, the correction only you would know how to fix.

 

[Seagirt]

I don't like to use Google for my bank/credit card accounts, that feels too hackable to me. I also like to write down my pin numbers in case of brain freeze.

My strategy is to not label the document 'Passwords' but to disguise it as junk. I gave it an innocuous title, and cut and pasted in pages of web content, adding passwords near the end. For the paper version, they're in a pile of maps and pamphlets.

 

[easysurfer]

Having strong passwords is important, but it is much more important to use 2 factor authentication for your important accounts like your primary email and your financial accounts. If you use a safe 2 factor authentication method like a security key or an authenticator or one time password app (something other than sms texts) in addition to a strong password, then you can feel safe that your account is secure.

The number of entries on my authenticator app for 2FA is now up to 9 .

 

[SecondCor521]

I've probably got 50 passwords presently. I've been thru the kids' names and the grandkids' names and the dog and cat names. Now I'm into nicknames.

And I'm not dumb enough to keep them on my computer in Microsoft Word. I've got the passwords on a piece of paper and it's kept in my safe.

Now if I could just remember where I put the combination to my safe, I'd be in good shape.

Just write the combination to your safe on the piece of paper. Problem solved.

 

[Chuckanut]

I use 2FA whenever it is offered, even if it is the weak, lousy not very good SMS text message. Lately, I added voice recognition to my accounts when offered.