|
|
09-29-2018, 11:32 PM
|
#21
|
Thinks s/he gets paid by the post
Join Date: Jun 2016
Posts: 4,663
|
Quote:
Originally Posted by aja8888
The answer to all my security questions is "banana". That keeps it simple.
Like:
Q. What was your first car?
A. Banana
etc.
(it's really not banana)
|
Good idea!
|
|
|
|
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!
Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!
You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!
|
09-30-2018, 09:06 AM
|
#22
|
Thinks s/he gets paid by the post
Join Date: Mar 2014
Location: Southern Cal
Posts: 4,032
|
Quote:
Originally Posted by pjigar
I have came across a security question in the past: Did you forgot your password?
Can you guess the answer?
|
Banana?
|
|
|
09-30-2018, 09:09 AM
|
#23
|
Moderator
Join Date: Jul 2010
Posts: 7,945
|
I use 1Password for nearly all passwords except for a couple that I have memorized. For less important (non-financial) passwords I also keep them in Safari keychain so that they sync to my iPhone. The password for 1Password is a phrase of random short words with some other random stuff thrown in the middle. I do print out all of the passwords periodically and put a copy in our safe deposit box.
__________________
"One of the funny things about the stock market is that every time one person buys, another sells, and both think they are astute." William Feather
----------------------------------
ER'd Oct. 2010 at 53. Life is good.
|
|
|
09-30-2018, 09:13 AM
|
#24
|
Moderator
Join Date: Feb 2010
Location: Flyover country
Posts: 25,362
|
^^^^^^
Exactly what I've done for many years.
__________________
I thought growing old would take longer.
|
|
|
09-30-2018, 09:15 AM
|
#25
|
Full time employment: Posting here.
Join Date: May 2013
Posts: 727
|
I have a really ignorant question regarding these products. Don't you have one password that unlocks the password manager? If someone get that one password, do they get the keys to everything? Sorry if this is a dumb question, but I don;t have any experience with these.
__________________
“If you don't do it this year, you will be one year older when you do.” - Warren Miller
|
|
|
09-30-2018, 09:31 AM
|
#26
|
Moderator
Join Date: Feb 2010
Location: Flyover country
Posts: 25,362
|
Quote:
Originally Posted by Willers
I have a really ignorant question regarding these products. Don't you have one password that unlocks the password manager? If someone get that one password, do they get the keys to everything? Sorry if this is a dumb question, but I don;t have any experience with these.
|
Not a dumb question. The answer is that this is the beauty of the password manager -- you only have to memorize that one master password.
In my case, it would be practically impossible to guess, but easy for me to remember. DW also knows it, and it is written down and stored in the safe, as well as in the safe deposit box.
__________________
I thought growing old would take longer.
|
|
|
09-30-2018, 09:45 AM
|
#27
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2008
Posts: 13,150
|
Quote:
Originally Posted by Willers
I have a really ignorant question regarding these products. Don't you have one password that unlocks the password manager? If someone get that one password, do they get the keys to everything? Sorry if this is a dumb question, but I don;t have any experience with these.
|
Put another way, password manager is all the eggs in one basket. No password manager is eggs all over the place.
I'm for eggs in one basket with a well protected basket as the alternative is IMO, non manageable or carry it's own risks.
A good master password along with encryption of the password manager is that well protected basket .
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
|
|
|
09-30-2018, 09:46 AM
|
#28
|
Thinks s/he gets paid by the post
Join Date: Aug 2017
Location: Champaign
Posts: 4,729
|
I trust my DH, but he leaves all his passwords neatly typed in a folder on his desk. I mentioned my niece and all her lovely (trustworthy) friends come over, spend the night sometimes. One click of their cell phone could take a picture of that neatly organized page and well...you know the rest. That's why for the most important websites we have voice activated pass codes and 2 step authentication. Then again, growing up, we left all the doors open, keys in the cars. Friends, relatives came and went as they pleased. That was 40 years ago. My car did get stolen, probably by someone who knew me, and police found it across town parked, in good condition.
__________________
"Do not go where the path may lead, go instead where there is no path and leave a trail."
Ralph Waldo Emerson
|
|
|
09-30-2018, 10:17 AM
|
#29
|
Thinks s/he gets paid by the post
Join Date: May 2016
Location: Mid-Atlantic
Posts: 2,676
|
Quote:
Originally Posted by easysurfer
Put another way, password manager is all the eggs in one basket. No password manager is eggs all over the place.
I'm for eggs in one basket with a well protected basket as the alternative is IMO, non manageable or carry it's own risks.
A good master password along with encryption of the password manager is that well protected basket .
|
Also, most of them, like Lastpass, let you set up two-factor authentication, which means either emailing or texting a code to a trusted email address or cell phone number, so that even if someone obtained your username and password, they couldn't get into your account. That's like having an armor-plated basket, IMO.
__________________
-Looking to FIRE in the mid-2020s, which would be our mid-50s.
|
|
|
09-30-2018, 10:32 AM
|
#30
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 17,266
|
Quote:
Originally Posted by aja8888
The answer to all my security questions is "banana". That keeps it simple.
Like:
Q. What was your first car?
A. Banana
etc.
(it's really not banana)
|
Ugh. I can think of several reasons that is a mistake, including the fact that if just one site you do business with messes up and your data is lost to bad guys, they have the key to everything.
__________________
Comparison is the thief of joy
The worst decisions are usually made in times of anger and impatience.
|
|
|
09-30-2018, 10:39 AM
|
#31
|
Thinks s/he gets paid by the post
Join Date: Aug 2017
Location: Champaign
Posts: 4,729
|
Quote:
Originally Posted by Chuckanut
Ugh. I can think of several reasons that is a mistake, including the fact that if just one site you do business with messes up and your data is lost to bad guys, they have the key to everything.
|
Yes, scrambling everything, even just a little, add cap, number, symbol and jumble up a phrase helps, i think. Misspelling words to the point of no return, phrases that make no sense. That's what l try to do. I have a fake name, fake b day, fake address in Facebook and I still got hacked. I had to shut down twice and my niece posts pictures of her kids, their school, the front of her house and posts little maps of where they went to dinner.
__________________
"Do not go where the path may lead, go instead where there is no path and leave a trail."
Ralph Waldo Emerson
|
|
|
09-30-2018, 10:52 AM
|
#32
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 17,266
|
Quote:
Originally Posted by Willers
I have a really ignorant question regarding these products. Don't you have one password that unlocks the password manager? If someone get that one password, do they get the keys to everything? Sorry if this is a dumb question, but I don;t have any experience with these.
|
Yes, that is why you pick a weird password that is easy for you to remember but hard for others to guess.
You should also have 2nd factor authentication turned on. (I use a number generator app on my iPhone, codes sent to our phones are not secure) .
The password manager also notifies me whenever it is logged on via a previously unknown computer.
It's not perfect. Maybe when SQRL is actively used, I might go with that.
https://www.grc.com/sqrl/sqrl.htm
Quote:
A highly secure, comprehensive, easy-to-use replacement
for usernames, passwords, reminders, one-time-code
authenticators . . . and everything else.
|
__________________
Comparison is the thief of joy
The worst decisions are usually made in times of anger and impatience.
|
|
|
09-30-2018, 10:57 AM
|
#33
|
Full time employment: Posting here.
Join Date: May 2013
Posts: 727
|
Thanks everyone. I have a better understanding now. I've looked at these, but have never pulled the trigger. Maybe I'll give one a try.
__________________
“If you don't do it this year, you will be one year older when you do.” - Warren Miller
|
|
|
09-30-2018, 02:42 PM
|
#34
|
Thinks s/he gets paid by the post
Join Date: Feb 2012
Location: Northern Ohio
Posts: 3,182
|
One thing about password managers is that I really really hope there is a nice assortment of them rather than one dominant company for the foreseeable future.
When one gets hacked, and it's really only a matter of time before this happens, it's best if 80% of folks don't all use it.
|
|
|
09-30-2018, 03:21 PM
|
#35
|
Administrator
Join Date: Jul 2005
Location: N. Yorkshire
Posts: 34,130
|
Password manager or not, a very popular method of getting access to bank accounts is via social engineering so we are all trusting customer service people to keep our accounts secure, and those customer service people are not necessarily those in financial institutions as our accounts are usually associated with our email and phone numbers.
One example is the SIM card swap where thieves learn enough personal information to fool telephone customer service into getting your phone number assigned to their SIM and then phone your bank and get them to send validation codes to the phone number on record. I listened to someone being interviewed on how it happened to him. He noticed that he had “No Service” on his phone and started to inquire what was going on. In the hours it took for him to notice and for the phone company to disable his number his bank account had already had thousands transferred out.
What is SIM card fraud -- and how can you avoid it?
__________________
Retired in Jan, 2010 at 55, moved to England in May 2016
Enough private pension and SS income to cover all needs
|
|
|
10-01-2018, 11:15 AM
|
#36
|
Thinks s/he gets paid by the post
Join Date: Jul 2006
Location: Denver
Posts: 3,519
|
Quote:
Originally Posted by TromboneAl
As time goes by, I go to more and more secure passwords. The next step would be to allow my password manager (EnPass, recommended over LastPass*) complete control to create passwords, fill them in, and store them.
My worry is that a password like
*^%#uyh*9076__&5$#@!
would be trouble if EnPass ever died. Having 100 passwords like that would be worse.
Does you give your password manager complete control?
*I used to use LastPass, but found that EnPass lets me fill in a password with fewer clicks of the mouse. It has some other advantages as well.
|
I use LastPass and it generates and manages my passwords and has done so for a number of years now. I also use it to store other confidential information & form-fill data like credit cards for payment. I do use 2-factor authentication using the google authenticator.
It has trouble auto-filling some website logins & forms - most annoying for me is CapitalOne - but for the most part, it makes logging in easy & secure.
|
|
|
10-03-2018, 06:28 PM
|
#37
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2006
Posts: 12,880
|
Since posting this, enpass on my phone didn't work right, and I ended up having to enter a password like &*V6; 9hhf manually. Couldn't copy and paste either.
That's what I was hoping to avoid.
__________________
Al
|
|
|
10-03-2018, 06:45 PM
|
#38
|
gone traveling
Join Date: Sep 2018
Location: Washington, DC
Posts: 575
|
I also use 1Password. I really like making 1, memorable but extremely difficult PW to enter that program, and I then autogenerate all passwords for websites within that 1Password system. I have no clue what the PW's are for the individual websites, but if for some reason I fall, hit my head, and can't get into 1Password, it would be a pain but i can always go through the process of PW resets.
It seems fairly safe to me, so yes, I trust it.
|
|
|
10-03-2018, 07:46 PM
|
#39
|
Thinks s/he gets paid by the post
Join Date: Jun 2017
Location: Chicagoland
Posts: 1,127
|
I use Dashlane but will be switching to LastPass. Except for my Yahoo email being hacked years ago, I’ve never had a problem with passwords.
My credit card, however, is another story. We just had our Chase Sapphire card compromised again. This must be at least the 5th time this card has been hacked. It’s pretty much an annual event.
|
|
|
10-04-2018, 11:06 AM
|
#40
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2006
Posts: 12,880
|
Quote:
Originally Posted by TromboneAl
Since posting this, enpass on my phone didn't work right, and I ended up having to enter a password like &*V6; 9hhf manually. Couldn't copy and paste either.
That's what I was hoping to avoid.
|
I hadn't set up the syncing. This should no longer be a problem.
__________________
Al
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Threads
|
|
|
|
|
|
|
|
|
|
|
|
|
» Quick Links
|
|
|