You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
I keep reading about these being a good idea so thought I would start using one but which one?
At the moment my password is Pa55word1 on all websites I visit which is nice and simple to remember.
I use my Android phone, Chrome on home desktop, Chrome, Internet Explorer or Edge on two works laptops. I also sometimes need access from public machines or friends phones etc.
What will give me security across all the different websites I use - STW and Facebook?
** That might not be my actual password and there may be other sites I use requiring passwords but you get the basic idea.
Watches with interest.
I use 1password (1password.com) which has been pretty decent and works on pretty much everything (including having a browser version). Have also used LastPass (lastpass.com) but found that a bit clunkier.
1password or Lastpass
I use Lastpass
I wouldn't trust these sites which claim to keep passwords safe, there's been all manner of supposedly high security companies have had their databases hacked. From banks to internet providers and about everything in between.
Buy a little notebook and record them in there.
dyna-ti, the sites don't have access to your passwords. They carry an encrypted database which gets decrypted and accessed locally (using your key and password), so even if they were hacked your passwords would still be inaccessible to the hackers.
I use Dashlane - been fine
Lastpass was taken over over logmein a while back and they have made some changes to commercials.
As a result I and lots of others have moved to bitwarden.
It autofills on Android and chrome, generates strong passwords for you and generally makes using a password as painless as possible.
I use PasswordSafe because Bruce Schneier recommends it. That, and it's free. And open source. I use DropSafe to keep the password file synced across devices using Dropbox.
So I pick a password manager. If I want to leave or they go bust, how do I get all the weird autogenerated passwords back?
I use PasswordSafe because Bruce Schneier recommends it.
This is about the best recommendation you can get. Also Bitwarden (good phone app, basically all the features you need in the free version). I also use keypass if I want to keep something off offline (eg on a fob).
In terms of losing your passwords if the company goes under. I believe the reputable ones like password safe, Bitwarden, save the database of passwords locally. If they go bust it’s only the syncing of passwords etc that fails. Ie you can still access the passwords though some functionality will be lost plus the software won’t be updated.
^^^ worst case would be simply to click on ‘forgotten password’ the next time you log in to websites to generate a new one.
Lastpass is really good. You have to pay if you want to use it on more than one device though (phone and PC for example). I moved to Bitwarden which is good but the integration with PC browser and phoen etc isn't quite as nice as Lastpass - a bit slower to pop up, keeps asking for extra authentication when that option is turned off and sometimes misses when you've create da new login and doesn't save the password, so you end up having to do a reset password/manual generate/manual save.
I moved from Lastpass when they started charging for it and just reverted to the built in Chrome one. Works great.
BitWarden here.
Leaving aside the complex passwords thing, I would say that enabling strong, quality MultiFactor Auth (Google Authenticator type of thing) on everything that supports MFA/2FA is the best thing you can do.
Also, long is strong. Use a pass _phrase_ that is easy for you to remember and unique to the account. It's better than using a 10 digit random garbage string that you need a password manager for. 16-20 characters is a lot harder to guess than 10.
KeePass, its multi-platform, and the best bit the encrypted database for it you can have on say Dropbox or Onedrive. Then set the database up so its locally cached on your devices from Dropbox/Onedrive. Then as well as a password to access it, you can use a keyfile which you manually install on the devices you want to use the password manager on.
Keypass here as well. Android app on my phone and Chromebook. Windows app on windows with Google drive sync plugin. Job jobbed and no cost unless you wish to donate.
Use Norton 360 and their Password vault. I can install the vault extension on browsers on multiple machines and can access passwords on those machines, and can use the android version on my phone to access passwords when i am working remotely. Has a password generator etc.
360 also has a VPN so it covers all those security basics in one package.
Fully expect someone to advise me of 360's shortcomings, but as a non-techie, it takes care of all that stuff for me. Seems like good value for 10 devices.
I use Lastpass but really not a fan of the interface and unless you pay for it you can't use on desktop and phone. Keen on finding something else to be honest.
We use Keeper. Works fine and seemed to be highly recommended. Used it to persuade MrsG to use a different password for every use. I guess there is always a chance of the password app being hacked but it’s much less of a risk than using one PaSSW0rD1
LastPass and pay for it for the family. That way we can share folders of common stuff like utilities and also do the whole emergency backup stuff for other things we might need to access if something goes wrong
Use Lastpass because I have to for work, just on a Mac. Use and pay for 1Password for personal use.
1Password is so much better. Better features, better interface. LastPass is a clunky POS.
What do they offer above just using the password manager in a browser?
Lastpass here. I even pay for it now since rh the change of ownership. Have a family plan as it works out cheaper for me and my son.
Just need to convince my wife to use it now. She has a couple of passwords that she recycles but seems to always have to reset her password "because the website doesn't recognise my password, I'm definitely typing it in correctly'. Was a nightmare setting up her Google account on a new phone, oh how we laughed 😩
bails
Full MemberWhat do they offer above just using the password manager in a browser?
Work on (almost) any device/browser, autofill inside apps not just web pages, can keep secure notes as hints to yourself about non-password but still sensitive data.
I'm an ex-LastPass user. I actually had a premium account but as soon as Logmein got involved I switched to BitWarden as LogMeIn are bumholes. It's actually a lot better than LastPass.
I moved from lastpass to Bitwarden about a year ago and it's the best thing I've done.
Lastpass was taken over over logmein a while back and they have made some changes to commercials.
Yep, it went from being usefully cheaper to much the same price as rivals. I still use it but if you’re starting from scratch see if 1password or dashlane or others offer something you like better.
Another happy convert from LastPass to Bitwarden
I just use Google Chrome / Android password manager. Not sure if password specific apps do anything more, but I have my passwords stored on any device and auto-filled across apps and websites. It's way less unobtrusive and easier to use than password managers I've tried.
willard +1, manually typing passwords in, is no longer a pain.
Though some sites will not allow you to enter password that long, which is annoying.
Cougar's favorite xkcd password strip:
Lastpass here. We have a business account through work which enables me to attach a personal account to it
Bitwarden for me - it works on all the devices and importing is a breeze
1Password if you want a paid-for service that does multiple users etc. Recommended by Troy Hunt who is the industry leader on password management, he runs HIBP.com which tells you how often your passwords have been lost, or used elswhere - OP I would recommend you have a look at that and see just how insecure your password is !!!!
Z1ppy - I can make up and remember difficult passwords, I just can't always remember which of the X,000 bloody ones I have created relate to which site unless I make them obvious like "S1ngl3TrackW0rld" for a well known and much loved site I use
Use a pass _phrase_ that is easy for you to remember and unique to the account. It’s better than using a 10 digit random garbage string that you need a password manager for. 16-20 characters is a lot harder to guess than 10.
Well, YMMV but I can't remember 150-odd passphrases any more than I can remember that many complex passwords. And if you're using a password manager anyway, you can have the random complex passwords 16-20 characters or as long as you like.
Anyway, Bitwarden convert from LastPass here, I preferred the LastPass interface but the price rise was too much of a pisstake.
“S1ngl3TrackW0rld”
Point of note here, L33tsp34k has been fooling precisely no-one for years. Letter➡number substitution is largely pointless.
Used to use keepass with veracrypt and Dropbox for years and it worked just fine. However, and I know this isn’t helpful, there is a security issue in that setup (might have been veracrypt which was used to encrypt the database) that made it unsafe.
So I swapped to LastPass which was fine. The integration with websites and phone apps is very good. It also tells you off for reusing the same password all the time (which is actually a bit annoying).
Then they put the price up for multiple devices (pc, android phone and iPad in my case). So I tried BitWarden but it just doesn’t integrate as well. Gritted my teeth and paid up for LastPass family account and then let the (teenage) kids use it too.