Passwords

imoldernu

imoldernu

Gone but not forgotten
Joined
Jul 18, 2012
Messages
6,335
Location
Peru
I need help. :(

Since I started playing with computers, (an "Adam" that I won in a sales contest from my company in 1983) I've been to so many websites that require a "sign in" that the current total is over 600... faithfully kept on an ever increasing spreadsheet. While there are probably only 25 or so different passwords, it's a formidable task to look up the right one for websites that I don't usually frequent.

When I cry on my son's shoulder about this, he tells me to use Password Keeper or something lake that. That's ok, but if I have to go through the process of changing over my password in every website, it's will likely be a year or so out of my remaining few years of life... or going through a new process every time I go to a site, to create a new (password keeper) link. Hey!... at this point, by the time I've done the changeover, i will have forgotten why I wanted to go to that site in the first place.

This can be the shortest thread in history, if someone will just confirm that there's no easy way to do this... Then I'll be satisfied. Otherwise, I'll just wander thru life... wondering if there might have been a better way.

Thanks...:)
 
Yes, your son is giving you good advice. You need a password manager. There are a number of options. LastPass, the one I use, will let you keep your current password, and just make a record of it when you log into a website.
 
I have 3 levels of passwords. The first is for sites where if someone got my password it would be no big deal because of the nature of the site (non-financial) and I use one simple password for all those sites. The other extreme are sites with financial info (banks, Vanguard, credit cards, etc.)... for those I have a base password with a 3-4 character prefix unique to that site. For sites in-between I have a password that is more complicated than the first password but not unique to each site.

It works for me and I have not been hacked but I concede that I still could be.
 
MichaelB said:
Imoldernu isn't familiar with password managers, so you might consider a comment as to why you feel this is a good option for him.
Click to expand...

DW, (the former software developer), set ours up, and basically all I know is, that if it's effective and simple enough for me to use, (and it's apparently very effective), it's worth a try.
 
Using unique passwords - especially for "important" accounts - is all well and good, but also consider using a unique account name for different accounts too.

Most financial sites allow you to change your account name as well as your password.
 
I second keepass. It keeps your passwords in an encrypted database which itself has a password, meaning you only need to remember that one PW. In addition to the master PW, the database can be linked to a "key file" on your computer (can be anything, a picture of your favorite geisha girl, for instance), or it can be linked to a certain windows login. Or any combination of the three.

The database can be organized so you can group PWs by category. There's also a search function so you can easily find the PW you are looking for. There's also a random password generator, so you can have strong, unique passwords. For example, one of my passwords is FU54p7azIBW28gffcM1l .

It's easy to copy and paste usernames and passwords, and it supports an autotype function so both the username and PW can be automatically entered into your browser.

Best of all, it's free, open-source software.

I haven't used any of the other available programs, but I'm sure they are similar. I'm sure some work better in some ways and others work better in other ways.
 
My password keeper shows I have 227 passwords. I don't use all of them as some I've probably only used once like having to register to buy a concert ticket.

I've had to do password changeovers a few times. Once was after having a keylogger on my PC I couldn't trust any of my passwords so had to all of them (what fun...NOT). Other times were changing password managers.

I'd go insane with a password manager. When you get one, also get one that has a "notes" section to record notes on stuff. Comes in really handy to keep the challenge questions and answers (You know, what is your favorite ice cream, in summer on Saturday?).

Since your current system is on a spreadsheet, copy/paste is your friend so you don't have to manually type all of your passwords.
 
I use Password Safe an open source project that Bruce Schneier was involved with. No idea whether it is better or worse than others, it's just the one I started with. I don't use the app developed complex passwords because I prefer to have something I can remember at common sites so I don't need to activate the password manager all the time. I use pass phrases that are pretty weird but easy for me to remember. All of this stuff is eventually going to go to hell in a hand basket when I get old enough for my memory to fail. I am hoping Password Safe will open things up to my son and daughter. I have been thinking of eventually pruning some of the sites I never access from my massive PWS list to make it easier for them.

Edit: ditto the Notes section that easysurfer mentions. I make more use of that than the passwords themselves. On many accounts, the notes section includes my info, my DW's and DD's. I have notes on the whole family's SSNs, Netflix accounts, and on and on. The notes are encrypted so they are safe.
 
Last edited:
I change the passwords on our financial accounts that we use on a regular basis every three or four months.

Slight change, but a change nonetheless.
 
Whatever you do dont make the mistake of using the same password across websites. Since this is a cardinal rule a password app is the best solution. Lastpass syncs across your devices so your passwords are everywhere.

I suggest whenyou implememt you do all financial accounts day one. Then get important or private accounts done over the next month. Non important accounts yiu can just do when you access them.
 
mpeirce said:
Using unique passwords - especially for "important" accounts - is all well and good, but also consider using a unique account name for different accounts too.

Most financial sites allow you to change your account name as well as your password.
Click to expand...

When possible, I try the unique account name and password. Pretty painless as long as I make sure to keep my password manager file backed up. My account includes something like 6 randomly generated numbers. Plus, passwords are randomly generated (for the most part). I say for the most part as on some that I have to enter in with a cell phone, I use a site that generates writeable passwords so no struggling with the phone.

The safest account names and passwords are ones I don't know and remember :).
 
MichaelB said:
Imoldernu isn't familiar with password managers, so you might consider a comment as to why you feel this is a good option for him.
Click to expand...
Thank you Michael...
It was the "process" for installing the password manager that I was hoping for.

I still not sure about going to a password manager. Does it mean that when I go to :confused::confused::confused::confused::confused:?? that I have to sign in, go to "change my password" and then go thru all of the verification steps again, or is there a one-click way to do this, so that the password manager automatically takes over. Chrome already saves my passwords for most sites, but the problem comes in when I go to a website that I haven't visited for a year or so.

Thanks to all... :flowers:
 
imoldernu said:
Thank you Michael...
It was the "process" for installing the password manager that I was hoping for.
Click to expand...
I got that. With LastPass, when you visit a website and log in with your username and password, LastPass has a drop down window that asks if you want to save that info. You click yes and that entry is saved. When you return to that website, LastPass will automatically fill the login info, you just click enter. You also have to option of automatically logging in. Transitioning to LP is very easy.

Some web sites are designed to not work this way. In that case, LastPass has a secure notes section, you can create an entry for the website with the username, PW, and any other info you want.

I'm not advocating LastPass, just explaining, and am interested in reading how other PW managers function.
 
Last edited:
Here's an interesting article about password managers:

Password managers are all designed to take the pain out of remembering hundreds of unique passwords—a necessity if you want to minimize your security risks. There are many to choose from, though, including your browser's built-in password saving feature. Let's take a look at these tools and how they stack up against each other in terms of security.
Click to expand...
deadspin-quote-carrot-aligned-w-bgr-2<\/title><path d="M10,3.5l3-3,3,3Z" style="fill:%23fff;stroke:%23fff"/><path d="M0,3.5H10l3-3,3,3H26" style="fill:none;stroke:%231b3a4d"/><\/svg>')}.f_branding_on.blog-group-deadspin .editor-inner.post-content .pu

The main topic is which is most secure, but also goes over the different types: Browser-based, Web-based, Local and goes over the pros/cons of each.

I use a local password manager as I'm kinda paranoid of having my passwords outside of my own possession :(.
 
imoldernu said:
Thank you Michael...
It was the "process" for installing the password manager that I was hoping for.

I still not sure about going to a password manager. Does it mean that when I go to :confused::confused::confused::confused::confused:?? that I have to sign in, go to "change my password" and then go thru all of the verification steps again, or is there a one-click way to do this, so that the password manager automatically takes over. Chrome already saves my passwords for most sites, but the problem comes in when I go to a website that I haven't visited for a year or so.

Thanks to all... :flowers:
Click to expand...

I'd think that since you'd be only transferring (maybe done with lots of copy/pasting), the end result of any more verification shouldn't be any different than if you used the passwords from your current password spreadsheet.

In other words, if you haven't signed on to a site in a year and the password requires changing, regardless of stored in manager or spreadsheet, the password is expired and needs changing. But if current in the spreadsheet, will be current in the password manager.
 
You can think of password manager software as a specialized form of spreadsheet or database. A good password manager will let you import your existing passwords so you need not change them or even transfer them by hand.
 
GrayHare said:
You can think of password manager software as a specialized form of spreadsheet or database. A good password manager will let you import your existing passwords so you need not change them or even transfer them by hand.
Click to expand...

That's really a good point about the importing. Can the popular managers import from a spreadsheet? If so, that might save imoldernu from lots of typing if he decides to go that route. Of course, this assumes comfort with exporting and importing.
 
Last edited:
imoldernu said:
.
It was the "process" for installing the password manager that I was hoping for.
Click to expand...

On the link I posted, under Downloads, it says: This package contains everything you need to use KeePass. Simply download the EXE file above, run it and follow the steps of the installation program. You need local installation rights (use the Portable version below, if you don't have these rights).

(As previously noted, I haven't done it, but DW has.)
 
I know I'm in the minority here on this, but I've been happily using 1Password for over ten years now and haven't had a problem with it yet. Syncs across all devices and very easy to use.
https://1password.com
 
There are several perfectly decent password managers (including KeePass and 1Password), and some that aren't. I use LastPass and like it, partly for the secure synching of passwords (and other data I store) to the cloud so that I can use it anywhere I want, but some people don't like cloud services so other products would be a better choice for them.
 
For simple websites that don't keep sensitive personal info, I just use a couple of simple passwords I reuse. My web browser remembers the password for me. Also easy to reset.

Totally different story for financial sites.
 
If you live in the Apple ecosystem, iOS and MacOS have a built in password manager that stores accounts and passwords in what they call the Keychain. It is used by Safari and is available to apps as well - more apps will be using this as iOS 11 rolls out. It's cryptographically strong and also very convenient.

I'm comfortable using it for almost all my passwords. A deep dive into how it works can be found at:

https://www.apple.com/business/docs/iOS_Security_Guide.pdf

That said, I memorize the account/password for a few of my core financial accounts. I change the complete account name and password on these accounts from time to time.
 
I don't use a password manager since I don't trust any program with my whole digital life.
One option is set up a Veracrypt container and keep your passwords in it.
 
You must log in or register to reply here.

Similar threads

S
TurboTax on a Mac puts an unknown password on the file
Replies
10
Views
404
braumeister
braumeister
F
Anyone Else Having Trouble With Outlook?
Replies
6
Views
432
street
street
aja8888
Bitwarden account - Attempted hack today
2
Replies
30
Views
1K
BeachOrCity
BeachOrCity
R
Need help to unlock/reset Thinkpad E570
Replies
7
Views
300
target2019
target2019
PaunchyPirate
Helping an elderly parent stay on top of their financial accounts
Replies
24
Views
1K
1242Vintage
1

Latest posts

Back
Top Bottom