|
|
04-01-2022, 06:55 PM
|
#81
|
Thinks s/he gets paid by the post
Join Date: Apr 2006
Location: North Bay
Posts: 1,251
|
We use SplashID. I used the Splash apps back in the 2003-4 era on my Handspring and Palm smartphones, and then gave them up when I switched to android. About 6-7 years ago my brother reintroduced me to SplashID. It is simple and secure. No autofill or pwd generation. Just flexible, synced, encrypted pwd databases on all our devices.
|
|
|
|
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!
Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!
You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!
|
04-01-2022, 08:04 PM
|
#82
|
Thinks s/he gets paid by the post
Join Date: Jul 2012
Location: Texas
Posts: 3,024
|
Quote:
Originally Posted by steveinjersey
I use Password Safe https://pwsafe.org/
Used it for years and happy with it. It stores passwords in an encrypted file locally on your computer or on a memory stick. One Master Password is needed to open the the password file. Free and supports 64 bit. Did not want to store passwords online.
|
I think that makes 3 of us so far on this thread.
But yeah... PWSafe is open source, totally free, no ads, no trackers, lots of features, very simple to use. Data is stored locally on your device. Designed by Bruce Schneier, a professional cryptographer, lecturer at Harvard, and public advocate for computer security and privacy. This is anything BUT a commercial enterprise. Plus it's been around since 2002.
I've been using it since 2004. Never an issue. There's an Android version that works quite well. The interface is a bit dated. But it just works. It's more about security than bells and whistles. It supports physical 2FA such as YubiKey.
Over the years, I've done multiple trials on several of the big commercial password managers. But I always come back to PWSafe... for simplicity and the ultimate in security. Did I mention it's free?
__________________
Retired at 52 in July 2013. On to better things...
AA: 85/15 WR: 2.7% SI: 2 pensions, SS later
|
|
|
04-01-2022, 08:24 PM
|
#83
|
Recycles dryer sheets
Join Date: Jul 2012
Location: San Antonio
Posts: 140
|
My simple solution is to not have any accounts of value be accessible on line. I do keep a spread sheet that tracks all my accounts but only access it off line and do not store it on a computer. I reboot after closing and removing the media, then come back on line. Always do an update of security SW and scan before initiating any other programs.
|
|
|
04-01-2022, 11:56 PM
|
#84
|
Thinks s/he gets paid by the post
Join Date: Jun 2016
Posts: 4,663
|
I’m glad to hear the favorable comments re the Safari/Apple solution. That’s what I use, and it works great for me but I’m glad to hear that others also feel it’s a good solution. I never researched the different options, just used Safari since all our devices are Apple.
|
|
|
04-02-2022, 05:21 AM
|
#85
|
Full time employment: Posting here.
Join Date: May 2014
Posts: 979
|
Quote:
Originally Posted by Scuba
I’m glad to hear the favorable comments re the Safari/Apple solution. That’s what I use, and it works great for me but I’m glad to hear that others also feel it’s a good solution. I never researched the different options, just used Safari since all our devices are Apple.
|
+1.
I recently downloaded the 1Password Family and found it cumbersome to use on my Mac. It was spotty getting the auto password creation to work and required me to enter the long master password frequently. I gave up after a couple days and about 8 hours messing with it. Given enough time I probably could have figured out all the wonderful features of the software, but certainly DW had no interest in this. So I cancelled during the free trial period and returned to the relative ease of my Safari password generator.
|
|
|
04-02-2022, 06:23 PM
|
#86
|
Recycles dryer sheets
Join Date: Oct 2017
Posts: 84
|
Quote:
Originally Posted by 38Chevy454
Even though I use strong passwords, and two factor authentication when available, I think the time has come where I might use a password manager. Too many world events where cyber attack is part of the plans. Sure as individual I am probably not a direct target, but a major data breach can make for challenging times. Certainly can't hurt to improve security online since so much of our lives are present there.
1. Do you use a password manager?
2. Which One?
3. Do you like it?
4. (bonus question) Do you pay for it, and how much?
|
I've been using RoboForm for many years. It was one of the first ones to come out. I pay $25 a year. I like it, but I've never tried anything else so haven't compare it to anything. I don't mind paying for it. I feel like the programmers will have more incentive to keep it secure and not lose their income. I don't know if that's true or not, but it gives me more peace of mind.
|
|
|
04-02-2022, 10:35 PM
|
#87
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jul 2014
Location: Spending the Kids Inheritance and living in Chicago
Posts: 17,094
|
Quote:
Originally Posted by WWDog
My simple solution is to not have any accounts of value be accessible on line. I do keep a spread sheet that tracks all my accounts but only access it off line and do not store it on a computer. I reboot after closing and removing the media, then come back on line. Always do an update of security SW and scan before initiating any other programs.
|
I don't think that is a good solution.
You are basically allowing any scammer to be able to set up an account in your name, which will be allowed as it's the first one.
If you are not there, then a scammer can set up the account and have command of your digital identity for that organization.
I think with a Social Security account in your name, someone can do damage.
Same with some bank accounts.
It becomes a nightmare if they set up an account at a bank/brokerage that you actually use, as they will have access to your money online while you don't.
They can then add a transfer account (you won't be notified).
They can then transfer out the money and again you won't know until a check bounces..
__________________
Fortune favors the prepared mind. ... Louis Pasteur
|
|
|
04-03-2022, 08:51 AM
|
#88
|
Dryer sheet aficionado
Join Date: Mar 2012
Posts: 43
|
Quote:
Originally Posted by 38Chevy454
Even though I use strong passwords, and two factor authentication when available, I think the time has come where I might use a password manager. Too many world events where cyber attack is part of the plans. Sure as individual I am probably not a direct target, but a major data breach can make for challenging times. Certainly can't hurt to improve security online since so much of our lives are present there.
1. Do you use a password manager?
2. Which One?
3. Do you like it?
4. (bonus question) Do you pay for it, and how much?
I have been searching and found these as popular choices: lastpass, bitwarden, 1password, dashlane, keeper.
Thanks for discussion and helping me decide what to do.
|
I use the paid version (one time fee) of My Passwords. I use the Android version. Does everything I need in a manager. Love it. When it generates the passwords, it is color differentiated as to numbers vs letters.
|
|
|
04-03-2022, 09:45 AM
|
#89
|
Dryer sheet aficionado
Join Date: Jun 2017
Posts: 26
|
Bitwarden - Free Version.
Syncs across Browsers on mobile, tablets and desktops.
|
|
|
04-10-2022, 07:44 AM
|
#90
|
Confused about dryer sheets
Join Date: Sep 2014
Posts: 5
|
I use StickyPassword
|
|
|
06-22-2022, 12:22 PM
|
#91
|
Recycles dryer sheets
Join Date: Dec 2016
Posts: 200
|
Quote:
Originally Posted by Jerry1
I also use a spreadsheet. The one thing you didn't mention is password protecting the spreadsheet. Mine requires a password to unlock the spreadsheet then I can access all my passwords.
My financial accounts require two factor authorization.
|
+1
This works for me. I also routinely go through and delete ones I set up that I rarely use.
I never save financial passwords online
|
|
|
12-01-2022, 11:34 AM
|
#92
|
Thinks s/he gets paid by the post
Join Date: Dec 2017
Posts: 1,619
|
|
|
|
12-01-2022, 11:54 AM
|
#93
|
Recycles dryer sheets
Join Date: Aug 2022
Posts: 296
|
Quote:
Originally Posted by RetMD21
|
Ouch. At least passwords weren’t compromised. I recently started using 1Password. So far so good, but when filling in the password for some sites, it doesn’t seem to work. I learned to copy and paste when logging into those sites. There’s only a few I’ve encountered.
I like the generation of long, random passwords.
__________________
Retired at 55 in 2017
|
|
|
12-01-2022, 12:08 PM
|
#94
|
Full time employment: Posting here.
Join Date: Nov 2016
Location: Fargo
Posts: 990
|
Using 1Password, Family version. 5 people use it. Each can have a Private locker and a Shared locker for things like TV logins.
Very happy with it. I did spend ~8 hours one Saturday transitioning and getting everything in 1Password. This included getting rid of duplicate passwords and using much more complicated passwords for anything financial or shopping related.
|
|
|
12-01-2022, 12:24 PM
|
#95
|
Recycles dryer sheets
Join Date: Aug 2022
Posts: 296
|
Quote:
Originally Posted by bloom2708
Using 1Password, Family version. 5 people use it. Each can have a Private locker and a Shared locker for things like TV logins.
Very happy with it. I did spend ~8 hours one Saturday transitioning and getting everything in 1Password. This included getting rid of duplicate passwords and using much more complicated passwords for anything financial or shopping related.
|
I’m still in the process of transitioning and cleaning up dupes. It definitely requires a commitment of time. I’ve been slowly doing it, but took care of the most financially sensitive sites first thing.
__________________
Retired at 55 in 2017
|
|
|
12-01-2022, 03:49 PM
|
#96
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 17,263
|
I have just switched from LastPass to Bit Warden. Why? Two reasons:
1.) LastPass seems to be the object of some determined attackers. They seem to be a rather favored target for reasons that are unknown to me.
2.) Since their code is unknown, it's hard to get a 3rd party view of the risk to users. Bit Warden is open source. If there is a flaw in the code, it has a better chance of being exposed and fixed by outside experts in the field of data security.
According to the email from LastPass the attackers did get some customer data.
Quote:
We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information. Our customers’ passwords remain safely encrypted due to LastPass's Zero Knowledge architecture.
|
My interpretation of this is that the bad guys managed to get some of the customer's encrypted signon data. I may be wrong. But, that is how I read between the lines.
I have already changed the passwords of my financial accounts and stored them in Bit Warden.
__________________
Comparison is the thief of joy
The worst decisions are usually made in times of anger and impatience.
|
|
|
12-01-2022, 04:04 PM
|
#97
|
Recycles dryer sheets
Join Date: Aug 2022
Posts: 296
|
Quote:
My interpretation of this is that the bad guys managed to get some of the customer's encrypted signon data. I may be wrong. But, that is how I read between the lines.
|
I doubt that anything encrypted was compromised. I'm no expert, but my oldest son is. He's a software engineer on Microsoft's security team and also spent 5 years with the NSA doing encryption work. He tells me that encrypted data can't be hacked without the encryption key, which would be on the user's device, not the vendor's servers. Regardless, it's troubling to see continued breaches.
|
|
|
12-01-2022, 04:13 PM
|
#98
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Mar 2017
Location: City
Posts: 10,351
|
Any widely-used password manager is going to be a high-priority target for hackers. At the same time, the need for complicated and obscure passwords, is pretty questionable. Exhaustive passwords attacks are inefficient and passé. Phishing is the name of the game these days and password managers are no defense against that. So I just have no interest in using one. My financial passwords are complicated enough to be unguessable and the sites prevent exhaustive attacks by limiting the number of login fails permitted. My passwords for sites like this one are close to trivial but I really don’t care whether I am seriously protected or not. There is nothing here that an imposter could steal. Same story on other forums, even on news sites. Nothing to steal so little need for protection.
__________________
Ignoramus et ignorabimus
|
|
|
12-01-2022, 04:25 PM
|
#99
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 17,263
|
Quote:
Originally Posted by TripleLindy
I doubt that anything encrypted was compromised. I'm no expert, but my oldest son is. He's a software engineer on Microsoft's security team and also spent 5 years with the NSA doing encryption work. He tells me that encrypted data can't be hacked without the encryption key, which would be on the user's device, not the vendor's servers. Regardless, it's troubling to see continued breaches.
|
IIRC, in August they stole copies of code used in LastPass. Now they steal customer data. That seems to be part of plan from my point of view. How they would get my encryption key is unknown. I guess what bothers me is this is starting to look rather methodical. Scary.
__________________
Comparison is the thief of joy
The worst decisions are usually made in times of anger and impatience.
|
|
|
12-01-2022, 04:26 PM
|
#100
|
Recycles dryer sheets
Join Date: Aug 2022
Posts: 296
|
Quote:
Originally Posted by OldShooter
Any widely-used password manager is going to be a high-priority target for hackers. At the same time, the need for complicated and obscure passwords, is pretty questionable. Exhaustive passwords attacks are inefficient and passé. Phishing is the name of the game these days and password managers are no defense against that. So I just have no interest in using one. My financial passwords are complicated enough to be unguessable and the sites prevent exhaustive attacks by limiting the number of login fails permitted. My passwords for sites like this one are close to trivial but I really don’t care whether I am seriously protected or not. There is nothing here that an imposter could steal. Same story on other forums, even on news sites. Nothing to steal so little need for protection.
|
I kind of felt the same way, but the convenience is what pushed me over to a PW manager. Logging on is now a snap and I only have 1 password to remember. Like you, my financial sites had pretty strong passwords, but there were elements that were shared between them just so I could remember. And that's the real risk. Once any part of a password is known, hackers have software that will test lots of sites with multiple iterations. Takes only a few seconds.
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Thread Tools |
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Threads
|
|
|
|
|
|
|
|
|
|
|
|
|
» Quick Links
|
|
|