Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

Password Managers

 Share

Hi was just wondering if anyone could recommend any password managers that the either have experience with or know are well reviewed ?

EDIT: have just noticed that keepass2 is recommended int the free and open source sticky has anyone got any experience with it as ive heard last pass is also recommended 

Link to comment
Share on other sites

Link to post
Share on other sites

I use both lastpass and keepass, mostly lastpass for online, websites etc... and keepass for general passwords and documents.

Both have their uses. Just try them out, both are free.

Please quote my post, or put @paddy-stone if you want me to respond to you.

Spoiler
  • PCs:- 
  • Main PC build  https://uk.pcpartpicker.com/list/2K6Q7X
  • ASUS x53e  - i7 2670QM / Sony BD writer x8 / Win 10, Elemetary OS, Ubuntu/ Samsung 830 SSD
  • Lenovo G50 - 8Gb RAM - Samsung 860 Evo 250GB SSD - DVD writer
  •  
  • Displays:-
  • Philips 55 OLED 754 model
  • Panasonic 55" 4k TV
  • LG 29" Ultrawide
  • Philips 24" 1080p monitor as backup
  •  
  • Storage/NAS/Servers:-
  • ESXI/test build  https://uk.pcpartpicker.com/list/4wyR9G
  • Main Server https://uk.pcpartpicker.com/list/3Qftyk
  • Backup server - HP Proliant Gen 8 4 bay NAS running FreeNAS ZFS striped 3x3TiB WD reds
  • HP ProLiant G6 Server SE316M1 Twin Hex Core Intel Xeon E5645 2.40GHz 48GB RAM
  •  
  • Gaming/Tablets etc:-
  • Xbox One S 500GB + 2TB HDD
  • PS4
  • Nvidia Shield TV
  • Xiaomi/Pocafone F2 pro 8GB/256GB
  • Xiaomi Redmi Note 4

 

  • Unused Hardware currently :-
  • 4670K MSI mobo 16GB ram
  • i7 6700K  b250 mobo
  • Zotac GTX 1060 6GB Amp! edition
  • Zotac GTX 1050 mini

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, paddy-stone said:

I use both lastpass and keepass, mostly lastpass for online, websites etc... and keepass for general passwords and documents.

Both have their uses. Just try them out, both are free.

Ok might give both a try then cheers

Link to comment
Share on other sites

Link to post
Share on other sites

I am using Keeppass, which is quite nice (maybe it's UI isn't as fancy though) and you can configure it to be quite safe.

"We're all in this together, might as well be friends" Tom, Toonami.

 

mini eLiXiVy: my open source 65% mechanical PCB, a build log, PCB anatomy and discussing open source licenses: https://linustechtips.com/topic/1366493-elixivy-a-65-mechanical-keyboard-build-log-pcb-anatomy-and-how-i-open-sourced-this-project/

 

mini_cardboard: a 4% keyboard build log and how keyboards workhttps://linustechtips.com/topic/1328547-mini_cardboard-a-4-keyboard-build-log-and-how-keyboards-work/

Link to comment
Share on other sites

Link to post
Share on other sites

I use lastpass and it's great, 2fa on the app & fill with fingerprint on my android device works wonderfully

Dutch Talk Thread

Unofficial LMG Social Media Accounts Website

Desktop Rig:

CPU: i7-4790K Cooler: Cooler Master Hyper 212 EVO Motherboard: MSI Z97 U3+ RAM: 4x4 GB DDR3 1600MHz GPU: MSI GTX 1070 Ti 8G Case: Corsair 230T Windowed Orange SSD: Crucial BX100 250 Gb PSU: Cooler Master G450M HDD: WD 1 TB Generic

Laptops: Macbook Air 2012 11" baseline (i5-3317U @ 1.7 Ghz) upgraded with a Samsung 850 evo 250 GB SSD

HP Zbook Studio G5 (i7-8750H, 32 GB DDR4 2666MHz, Samsung PM981 512 GB, 970 EVO 1TB, Nvidia Quadro P1000)

Link to comment
Share on other sites

Link to post
Share on other sites

Not kidding here... buy yourself a small, black book and physically write your passwords down. Digitally storing your passwords is fine in a work environment where your company may share passwords and is willing to accept the liability of compromised accounts, but for your personal information, relying on cloud-based solutions where encryption at-rest and in-transit, as well as physical assurance, is subject to the laziest engineer, isn't a risk I'm willing to take. It's only ever a matter of time before your data ends up in the wrong place. LastPass has been breached before, back in 2015, and I'll bet they did the bare minimum to correct that. If you don't have amazing insurance, store your passwords far from the reach of the keyboard cowboy.

 

if you can't remember your passwords, consider following better practices for password creation that allow you to remember them easier. NIST finally admitted that our current password standards/requirements have only added to the complication of remembering them.

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, Tiberiusisgame said:

Not kidding here... buy yourself a small, black book and physically write your passwords down. Digitally storing your passwords is fine in a work environment where your company may share passwords and is willing to accept the liability of compromised accounts, but for your personal information, relying on cloud-based solutions where encryption at-rest and in-transit, as well as physical assurance, is subject to the laziest engineer, isn't a risk I'm willing to take. It's only ever a matter of time before your data ends up in the wrong place. LastPass has been breached before, back in 2015, and I'll bet they did the bare minimum to correct that. If you don't have amazing insurance, store your passwords far from the reach of the keyboard cowboy.

 

if you can't remember your passwords, consider following better practices for password creation that allow you to remember them easier. NIST finally admitted that our current password standards/requirements have only added to the complication of remembering them.

I understand your concern about security but that's just a big hassle, password managers are there to be easy to use and more secure than having a single password on all sites.

Dutch Talk Thread

Unofficial LMG Social Media Accounts Website

Desktop Rig:

CPU: i7-4790K Cooler: Cooler Master Hyper 212 EVO Motherboard: MSI Z97 U3+ RAM: 4x4 GB DDR3 1600MHz GPU: MSI GTX 1070 Ti 8G Case: Corsair 230T Windowed Orange SSD: Crucial BX100 250 Gb PSU: Cooler Master G450M HDD: WD 1 TB Generic

Laptops: Macbook Air 2012 11" baseline (i5-3317U @ 1.7 Ghz) upgraded with a Samsung 850 evo 250 GB SSD

HP Zbook Studio G5 (i7-8750H, 32 GB DDR4 2666MHz, Samsung PM981 512 GB, 970 EVO 1TB, Nvidia Quadro P1000)

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, mikat said:

I understand your concern about security but that's just a big hassle, password managers are there to be easy to use and more secure than having a single password on all sites.

Password Managers aren't meant to fix the problem of reusing passwords. That's user-error; software won't fix that. Is it a hassle to take your keys out of your bag to open your door when you get home? Would it make more sense to put all of your keys in a pin-entry lockbox hanging on your front door? That choice is... well, a choice. Risk vs. Reward. I'm advising caution in relying on 3rd parties to solve simple problems like this for us.

 

FYI, if you're just looking to avoid logging into sites you browse on your home computer, your browser can cache all those passwords for you. If the site is sensitive enough to cause financial harm, i.e. email or banking, memorize your password.

Link to comment
Share on other sites

Link to post
Share on other sites

Lol i just have multiple password that arent like each other and i still remember them :D

 

Aka just remember them "ps my brain is like a glass with holes just so you know"

 

@mikat Nice personal message you got there (:O NETHERLANDS)

Tag me if you need me :D

-------------------------------------------------------------------------------------

Desktop:                                       Laptop:        
CPU - i7-4790k                            CPU: I7 7700HQ
GPU - Inno3D 1080TI                  GPU: 1060
Mobo - Gigabyte Z97X-SLI          Memory: 16 GB
Memory - 32 GB DDR3                Storage: 1256GB
Storage - 11 TB

-------------------------------------------------------------------------------------
Phone: ONEPLUS 6 128GB

Link to comment
Share on other sites

Link to post
Share on other sites

5 minutes ago, Tiberiusisgame said:

Password Managers aren't meant to fix the problem of reusing passwords. That's user-error; software won't fix that. Is it a hassle to take your keys out of your bag to open your door when you get home? Would it make more sense to put all of your keys in a pin-entry lockbox hanging on your front door? That choice is... well, a choice. Risk vs. Reward. I'm advising caution in relying on 3rd parties to solve simple problems like this for us.

 

FYI, if you're just looking to avoid logging into sites you browse on your home computer, your browser can cache all those passwords for you. If the site is sensitive enough to cause financial harm, i.e. email or banking, memorize your password.

I understand your concern however it would be predominately for things that i want secure enough through a password manager, personal sensitive information would still be secure through the method you mention but even this has risks  but this will be used more for social accounts etc 

Link to comment
Share on other sites

Link to post
Share on other sites

2 minutes ago, BlueCrazii said:

Lol i just have multiple password that arent like each other and i still remember them :D

 

Aka just remember them "ps my brain is like a glass with holes just so you know"

 

@mikat Nice personal message you got there (:O NETHERLANDS)

i cant physically devote the time to allow myself to remember secure passwords for every account i have and would need a fucking novel to write them all down 

Link to comment
Share on other sites

Link to post
Share on other sites

9 minutes ago, Tiberiusisgame said:

Password Managers aren't meant to fix the problem of reusing passwords. That's user-error; software won't fix that. Is it a hassle to take your keys out of your bag to open your door when you get home? Would it make more sense to put all of your keys in a pin-entry lockbox hanging on your front door? That choice is... well, a choice. Risk vs. Reward. I'm advising caution in relying on 3rd parties to solve simple problems like this for us.

 

FYI, if you're just looking to avoid logging into sites you browse on your home computer, your browser can cache all those passwords for you. If the site is sensitive enough to cause financial harm, i.e. email or banking, memorize your password.

Also for your point on browser caching id rather google not have the ability to know the passwords to all my accounts 

Link to comment
Share on other sites

Link to post
Share on other sites

4 minutes ago, shea99 said:

I understand your concern however it would be predominately for things that i want secure enough through a password manager, personal sensitive information would still be secure through the method you mention but even this has risks  but this will be used more for social accounts etc 

Oh, well then by-all-means, though this is largely the same as browser-managed passwords minus the cloud-syncing, which is the vulnerable bit. Don't use Google Chrome and Google won't know your passwords ;-) Actually, in all honesty, if you ever communicated your sensitive information through your Google account, they have it already... but that's unavoidable, right? Who doesn't use GMail these days.

 

Bruce Schneier, a very famous man in the security community, wrote a few programs for password management. No cloud-sync, less risk.

https://www.schneier.com/academic/

Link to comment
Share on other sites

Link to post
Share on other sites

7 minutes ago, BlueCrazii said:

Lol i just have multiple password that arent like each other and i still remember them :D

 

Aka just remember them "ps my brain is like a glass with holes just so you know"

 

@mikat Nice personal message you got there (:O NETHERLANDS)

Personal message? You mean the Signature? Or the thing under my post count?

Dutch Talk Thread

Unofficial LMG Social Media Accounts Website

Desktop Rig:

CPU: i7-4790K Cooler: Cooler Master Hyper 212 EVO Motherboard: MSI Z97 U3+ RAM: 4x4 GB DDR3 1600MHz GPU: MSI GTX 1070 Ti 8G Case: Corsair 230T Windowed Orange SSD: Crucial BX100 250 Gb PSU: Cooler Master G450M HDD: WD 1 TB Generic

Laptops: Macbook Air 2012 11" baseline (i5-3317U @ 1.7 Ghz) upgraded with a Samsung 850 evo 250 GB SSD

HP Zbook Studio G5 (i7-8750H, 32 GB DDR4 2666MHz, Samsung PM981 512 GB, 970 EVO 1TB, Nvidia Quadro P1000)

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, shea99 said:

i cant physically devote the time to allow myself to remember secure passwords for every account i have and would need a fucking novel to write them all down

This is what I recommend. FIrst off I personally wouldn't trust any password manager to my important passwords, just seems wayyyy to risky. but this is what I recommend to people with poor memory. Say you want a password for all your social media accounts. it could start with 'S' then some random characters like 'S2knlpR3' or you can even go full 1337 and do like S0c14l or something like that. but in my opinion don't use a password manager, one good leek and ALL your passwords are there for the public, bank accounts, paypal, facebook, email, etc.

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, NotTristan said:

This is what I recommend. FIrst off I personally wouldn't trust any password manager to my important passwords, just seems wayyyy to risky. but this is what I recommend to people with poor memory. Say you want a password for all your social media accounts. it could start with 'S' then some random characters like 'S2knlpR3' or you can even go full 1337 and do like S0c14l or something like that. but in my opinion don't use a password manager, one good leek and ALL your passwords are there for the public, bank accounts, paypal, facebook, email, etc.

Yes but the point is that if they get leaked, they're just 20 character random passwords so you rotate all your passwords and it's all good

Dutch Talk Thread

Unofficial LMG Social Media Accounts Website

Desktop Rig:

CPU: i7-4790K Cooler: Cooler Master Hyper 212 EVO Motherboard: MSI Z97 U3+ RAM: 4x4 GB DDR3 1600MHz GPU: MSI GTX 1070 Ti 8G Case: Corsair 230T Windowed Orange SSD: Crucial BX100 250 Gb PSU: Cooler Master G450M HDD: WD 1 TB Generic

Laptops: Macbook Air 2012 11" baseline (i5-3317U @ 1.7 Ghz) upgraded with a Samsung 850 evo 250 GB SSD

HP Zbook Studio G5 (i7-8750H, 32 GB DDR4 2666MHz, Samsung PM981 512 GB, 970 EVO 1TB, Nvidia Quadro P1000)

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, shea99 said:

i cant physically devote the time to allow myself to remember secure passwords for every account i have and would need a fucking novel to write them all down 

 

 

Make like4 passwords, and remember them... one for each of these categories

 

 Non financial - Non Personal (Forums, and junk sites)

 Non financial - But with personal information (Youtube, Social email, social media)

 Financial Only (Banking )

 Soft Financial (Paypal, amazon  or anywhere else you make purchases linked to primary bank account)

My username is both misspelled and redundant. Don't take anything I say seriously as I am a moron.     

CPU: Intel i7 4790k GPU: GTX 970 MSI RAM: 16gb of DDR3 hotness Boot Drive: 240gb m.2 samsung 850 evo Storage Drives: 8tb ironwolf, 4tb WD Monitors: 3x HP Elite Displays

  

 

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, mikat said:

Personal message? You mean the Signature? Or the thing under my post count?

I mean the thing under your postcounter

Tag me if you need me :D

-------------------------------------------------------------------------------------

Desktop:                                       Laptop:        
CPU - i7-4790k                            CPU: I7 7700HQ
GPU - Inno3D 1080TI                  GPU: 1060
Mobo - Gigabyte Z97X-SLI          Memory: 16 GB
Memory - 32 GB DDR3                Storage: 1256GB
Storage - 11 TB

-------------------------------------------------------------------------------------
Phone: ONEPLUS 6 128GB

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, BlueCrazii said:

I mean the thing under your postcounter

Haha it's what linus is saying in my profile picture

Dutch Talk Thread

Unofficial LMG Social Media Accounts Website

Desktop Rig:

CPU: i7-4790K Cooler: Cooler Master Hyper 212 EVO Motherboard: MSI Z97 U3+ RAM: 4x4 GB DDR3 1600MHz GPU: MSI GTX 1070 Ti 8G Case: Corsair 230T Windowed Orange SSD: Crucial BX100 250 Gb PSU: Cooler Master G450M HDD: WD 1 TB Generic

Laptops: Macbook Air 2012 11" baseline (i5-3317U @ 1.7 Ghz) upgraded with a Samsung 850 evo 250 GB SSD

HP Zbook Studio G5 (i7-8750H, 32 GB DDR4 2666MHz, Samsung PM981 512 GB, 970 EVO 1TB, Nvidia Quadro P1000)

Link to comment
Share on other sites

Link to post
Share on other sites

2 minutes ago, mikat said:

Yes but the point is that if they get leaked, they're just 20 character random passwords so you rotate all your passwords and it's all good

yes but MY point is that your passwords 'probably' won't be leaked in the first place or be sold to some poor schmuck, and often when companies have leaks like this they don't say that there was a leak until much after the fact. look at yahoo or others, sometimes they waited months to tell you there was a leak. 

Link to comment
Share on other sites

Link to post
Share on other sites

Okay, at the risk of sounding like a jerk, there are some very dangerous suggestions here. This is for future searchers.

 

Read NIST's new guidelines here : https://pages.nist.gov/800-63-3/sp800-63-3.html

Or read someone's analysis of the new guidelines, like here:

https://auth0.com/blog/dont-pass-on-the-new-nist-password-guidelines/

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, Tiberiusisgame said:

Okay, at the risk of sounding like a jerk, there are some very dangerous suggestions here. This is for future searchers.

 

Read NIST's new guidelines here : https://pages.nist.gov/800-63-3/sp800-63-3.html

Or read someone's analysis of the new guidelines, like here:

https://auth0.com/blog/dont-pass-on-the-new-nist-password-guidelines/

It's a matter of how much effort you're willing to put into account safety, for me that's less than for you :)

Dutch Talk Thread

Unofficial LMG Social Media Accounts Website

Desktop Rig:

CPU: i7-4790K Cooler: Cooler Master Hyper 212 EVO Motherboard: MSI Z97 U3+ RAM: 4x4 GB DDR3 1600MHz GPU: MSI GTX 1070 Ti 8G Case: Corsair 230T Windowed Orange SSD: Crucial BX100 250 Gb PSU: Cooler Master G450M HDD: WD 1 TB Generic

Laptops: Macbook Air 2012 11" baseline (i5-3317U @ 1.7 Ghz) upgraded with a Samsung 850 evo 250 GB SSD

HP Zbook Studio G5 (i7-8750H, 32 GB DDR4 2666MHz, Samsung PM981 512 GB, 970 EVO 1TB, Nvidia Quadro P1000)

Link to comment
Share on other sites

Link to post
Share on other sites

5 minutes ago, NotTristan said:

This is what I recommend. FIrst off I personally wouldn't trust any password manager to my important passwords, just seems wayyyy to risky. but this is what I recommend to people with poor memory. Say you want a password for all your social media accounts. it could start with 'S' then some random characters like 'S2knlpR3' or you can even go full 1337 and do like S0c14l or something like that. but in my opinion don't use a password manager, one good leek and ALL your passwords are there for the public, bank accounts, paypal, facebook, email, etc.

The trouble is my memory obviously if i could i would but my idea was that i wouldnt let these apps have data for my more sensitive password protected stuff and instead would devote these to my memory 

 

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, mikat said:

It's a matter of how much effort you're willing to put into account safety, for me that's less than for you :)

I agree with you completely. Get back to me on that when you've lost your life savings...

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, Tiberiusisgame said:

I agree with you completely. Get back to me on that when you've lost your life savings...

Oh I don't store my banking information in lastpass, it's not secured by password but by other means

Dutch Talk Thread

Unofficial LMG Social Media Accounts Website

Desktop Rig:

CPU: i7-4790K Cooler: Cooler Master Hyper 212 EVO Motherboard: MSI Z97 U3+ RAM: 4x4 GB DDR3 1600MHz GPU: MSI GTX 1070 Ti 8G Case: Corsair 230T Windowed Orange SSD: Crucial BX100 250 Gb PSU: Cooler Master G450M HDD: WD 1 TB Generic

Laptops: Macbook Air 2012 11" baseline (i5-3317U @ 1.7 Ghz) upgraded with a Samsung 850 evo 250 GB SSD

HP Zbook Studio G5 (i7-8750H, 32 GB DDR4 2666MHz, Samsung PM981 512 GB, 970 EVO 1TB, Nvidia Quadro P1000)

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×