Password manager programs

Collapse
This topic is closed.
X
X
 
  • Time
  • Show
Clear All
new posts
  • jussi
    Veteran Member
    • Jan 2007
    • 2162

    Password manager programs

    Anyone use one? I have so many log-ins and passwords it's hard to keep track anymore. I won't be using it for critical sites like my bank or paypal. Those I use enough and are important enough for me to remember. But more for forums and stores I don't visit often. I currently have some of them on evernote but I still have to look it up and type it in. I was looking for a 1-click solution. There are several out there. Just wondering if anyone has any personal experience.
    I reject your reality and substitute my own.
  • Stytooner
    Roll Tide RIP Lee
    • Dec 2002
    • 4301
    • Robertsdale, AL, USA.
    • BT3100

    #2
    I use Identity Safe from Norton.
    It works well for me. It comes packaged with 360, which I use anyway, but I think it is available stand alone as well. It is free.


    The thing about it is that you do not even need to use a password that you can remember. You can change the passwords often and even print out a hard copy.
    Last edited by Stytooner; 05-08-2014, 04:45 PM.
    Lee

    Comment

    • capncarl
      Veteran Member
      • Jan 2007
      • 3564
      • Leesburg Georgia USA
      • SawStop CTS

      #3
      In my humble opinion, password manager programs are a recipe for disaster. Don't think for a minute that they can not be hacked. Then what?

      Comment

      • LinuxRandal
        Veteran Member
        • Feb 2005
        • 4889
        • Independence, MO, USA.
        • bt3100

        #4
        Originally posted by capncarl
        In my humble opinion, password manager programs are a recipe for disaster. Don't think for a minute that they can not be hacked. Then what?
        If it is on the computer and they have physical access to it, it is already too late.
        She couldn't tell the difference between the escape pod, and the bathroom. We had to go back for her.........................Twice.

        Comment

        • Stytooner
          Roll Tide RIP Lee
          • Dec 2002
          • 4301
          • Robertsdale, AL, USA.
          • BT3100

          #5
          Not sure what you mean. Sure it is on my computer. I have a secured network and firewalls. I am not concerned about my Family. No one else uses my Desktop anyway. How can it be too late?

          I admit I was very skeptical at first, but I have been using it for over a year with no issues.
          Lee

          Comment

          • Condoman44
            Established Member
            • Nov 2013
            • 178
            • CT near Norwich
            • Ryobi BT3000

            #6
            Password Storage

            My setup is similar to Stytooner except I keep my passwords in the Onenote folder with all other info about a site, with one difference; all passwords are a symbol of what they are. Like it might say first dog + Frank & Mary. Which would mean spike8489 for the birth year of those people. No where in the folder will you find mention of that data in its real form.

            The only change I have made recently was to switch from Evernote (old version) to Onenote and I never have my NAS connected all the time because that is one place by backups are. A hot key will connect when needed.

            Comment

            • capncarl
              Veteran Member
              • Jan 2007
              • 3564
              • Leesburg Georgia USA
              • SawStop CTS

              #7
              The hackers have been too buisy to mess with our little stuff. Secure networks and firewalls are to keep the wanta-be hackers out. As long as the hackers are allowed to do as they will and their victims can only add defencive measures it will only get worse.
              I was at the Dr.'s this week and was asked to review my personal information sheet. When the clerk asked me if everything looked all right I told her not really, why are you using my SS # as the file number? Her reply, it never gets out of our office. Real reasuring.

              Comment

              • Mr__Bill
                Veteran Member
                • May 2007
                • 2096
                • Tacoma, WA
                • BT3000

                #8
                I use Last Pass. It's free to use on the pc and $12 a year for the phone. So far so good.

                Bill

                Comment

                • Condoman44
                  Established Member
                  • Nov 2013
                  • 178
                  • CT near Norwich
                  • Ryobi BT3000

                  #9
                  Medicare Card

                  This year I finally made a color copy of my Medicare card without the SSN. The first office person that asked for it said something was wrong because the number was missing. I explained why and gave the number to her.

                  Comment

                  • cwsmith
                    Veteran Member
                    • Dec 2005
                    • 2737
                    • NY Southern Tier, USA.
                    • BT3100-1

                    #10
                    Personally speaking, I don't trust embedded password managers. While I can't point to any particular flaw or defect, it just seems like it might be vunerable to any smart hacker. I look at it this way: You can take any number of us and we might well share some ideas and methods by which we keep passwords; and individually one certainly may not be worth the effort to be personally targetted.

                    However, if a few thousand of us are using the same method/software to organize and alledgedly "hide" our passwords on our computer... then how easy would it be to research and discover that method of organization and encryption? Seems to me, one would only have to get the same software, figure out it's encryption method and where on a typical system it stores such information. With several thousand people using the same software, it then becomes a possibility worth going after by some ill-meaning hacker who could then use robot-like probes via cookies to explore anyone's system.

                    I do use a method... it's in the form of a simple log book, paper with my own written notes. Seems a bit old-fashioned, and perhaps rather stupid in it's obvious "somebody could find it". But, they'd have to break into my house, getting past the security system, then go find the room where I keep my laptop, and then search through the drawers, cabinets, and book shelves to find the log book... if they can even imagine that I have one. And, most importantly, they'd have to spend all that effort on just me, and with the thinking that I have something really terrific hidden to be worth all that effort (and risk).

                    I think that sometimes "simplicity" is the the best way.

                    CWS
                    Last edited by cwsmith; 05-10-2014, 05:51 PM.
                    Think it Through Before You Do!

                    Comment

                    • Stytooner
                      Roll Tide RIP Lee
                      • Dec 2002
                      • 4301
                      • Robertsdale, AL, USA.
                      • BT3100

                      #11
                      Even with a notebook in a safety deposit box, the information still exists. Even if you memorize them.
                      It is on the servers of the sites you visit. Chances are just as likely and maybe even more so that they would target that institution or web store well before any personal attack unless you have oodles of bucks.

                      I have been using Norton for years and I trust them to make sure the products I have are safe and up to date. They have not let me down. It really is low cost insurance. Nothing is ever totally secure, so the best one might hope for is to do due diligence to keep things as secure as possible.
                      The Identity Safe also saves me quite a bit of time over the course of a week or month. That is a bonus.

                      It makes changing passwords more often effortless as well. I am pretty much sold on it until someone proves me wrong or I get burnt. Another reason not to keep too much cash in a Paypal account.
                      Lee

                      Comment

                      • Neal
                        Established Member
                        • Apr 2012
                        • 181
                        • Williamstown, WV (Mid Ohio Valley)
                        • Ryobi BT3000

                        #12
                        From the Wall Street journal.

                        I haven't used any but it addresses your original question

                        Comment

                        • woodturner
                          Veteran Member
                          • Jun 2008
                          • 2047
                          • Western Pennsylvania
                          • General, Sears 21829, BT3100

                          #13
                          Originally posted by LinuxRandal
                          If it is on the computer and they have physical access to it, it is already too late.
                          Or if it is on the computer and the computer ever accesses a network or the internet.....
                          --------------------------------------------------
                          Electrical Engineer by day, Woodworker by night

                          Comment

                          • woodturner
                            Veteran Member
                            • Jun 2008
                            • 2047
                            • Western Pennsylvania
                            • General, Sears 21829, BT3100

                            #14
                            Originally posted by Stytooner
                            I have been using Norton for years and I trust them to make sure the products I have are safe and up to date. They have not let me down.


                              Image via Wikipedia I detailed the attack by hackers on Symantec, the maker of popular Norton Antivirus software in my article, "Lords Of Kings Hack Norton Antivirus, Are You Safe?" Subsequently, Symantec’s take on the hacking was detailed in "Symantec Says Norton Is Safe After Lords of Kings Attack." Symantec had stated that [...]


                            No site, software, or password manager is safe from hackers or can be made absolutely safe from hackers.

                            Password managers are a sweet target for hackers. When they crack a password manager, they get access to passwords from everyone that uses that software. Individual users usually are less aware of security issues and don't have teams of people responding to every hint of a potential problem, unlike companies. As a result, hackers can get the passwords, run up charges on credit cards, clean out bank accounts, etc. and be gone long before the theft is even noticed. As a result, there is little consequence and huge financial incentive for the hacker.

                            There are good reasons network security folks, programmers, government agencies, and others "in the know" don't use password managers.

                            For those interested in alternatives, there are simple ways to remember hundreds of passwords so that you don't need the manager or to write them down. In addition, these methods provide a means to write down a "hint" that is meaningless to anyone else but provides a way to recover a forgotten password. I described one method in a prior thread, but there are others.
                            --------------------------------------------------
                            Electrical Engineer by day, Woodworker by night

                            Comment

                            • Stytooner
                              Roll Tide RIP Lee
                              • Dec 2002
                              • 4301
                              • Robertsdale, AL, USA.
                              • BT3100

                              #15
                              One thing I do find interesting is that my bank require's a Fob to update my direct pay payments to employees from my business account. The code changes like every 5 minutes. Maybe 10. We have to type in that roving code to update the payments.

                              I can see how that might get hacked someday, but I do think this may be the direction that security will be going to in the future.
                              I know some CAD software require's an up to date dongle in order for the software to work.
                              Kind of similar I think.

                              I do not save CC info in it and never do that on a web site. I don't let the browser keep my passwords. I also check my accounts daily or every two days and check on them making sure nothing unauthorized is there. It's all part of a due diligence regimen.
                              Lee

                              Comment

                              Working...