Smart Error

New Member
Hi guys,

I liked to open this topic to discuss an issue with LastPass or passwords managers in general
imagine that you stored all your passwords in one of those managers ..
and someone achieved to gain your master password of this password manager

then all your websites passwords are going to be on the hand of that hacker
It's like , you're giving him all your critical information as a piece of cake.

the question is .. how those passwords manager could be safe .. and how they couldn't ?
 

McLovin

Level 73
Verified
Trusted
Malware Hunter
Well, I recently did a re-image of my machine and I have so far not put any password manager on my browsers yet, but the one that I normally use is LastPass. Easier as well, because I know people that have so many password and they store it in a word document and they forget the password for that word document and they have lost all their passwords. So LastPass is my option.
 

win7holic

New Member
I ever use it. because, just wanted to know.
In my opinion: Never safe and never believe to store passwords in the software (since, still can be hacked though difficult) is the most safest way to your brain, even it could be forgotten as well, but still better that way can not be hacked.
 

Smart Error

New Member
there's an option in FireFox to put a master password on all saved passwords
why users don't exploit it and use it instead of choosing passwords manager..

personally, I don't use any password managers..
I rely on my mind to memorize all the passwords .. that is the safest pass manager =)
 

McLovin

Level 73
Verified
Trusted
Malware Hunter
Correct FireFox has a password manager, same with Chrome, but with IE, well you can't view the password, I think?
 

McLovin

Level 73
Verified
Trusted
Malware Hunter
Well in that case then FireFox and Chrome are the best by default with password managers.
 

WinAndLinuxTutorials

New Member
Verified
Trusted
For me, a password manager does the job. I am a very forgetful person. I know I can use the browser's default password manager, but I have two Operating Systems on my main machine, and I use both of them frequently. Being a lazy person also :D, it becomes hard for me to store passwords on both web browsers.

EDIT: Never thought of a password-protected MS Excel file, is it insecure?
 

MrXidus

Super Moderator (Leave of absence)
Use a strong hard to guess password that involves series of numbers and symbols and not a familiar word someone could associate with you or try to guess easily "such as your dogs name".

Take the time to memorize it and you will not have to put up with any password manager pirate looking to get hes grubby hands on ye treasure passwords. Always worked for me. Thanks.
 

muhammadariif

New Member
I've tried LastPast earlier, but the default password manager easier to use

Google chrome has it's own password synchronization, but to be logged in to use this function.
 

jamescv7

Level 61
Verified
Trusted
For Lastpass its definitely good password manager, just make sure that the master password is strongly hard to crack and no one must know it cause if it happens the effectiveness of password manager is literally useless since its compromised already.

For traditional at all, Brain is really a must.
 

Jack

Administrator
Verified
Staff member
Smart Error said:
then all your websites passwords are going to be on the hand of that hacker
It's like , you're giving him all your critical information as a piece of cake.

the question is .. how those passwords manager could be safe .. and how they couldn't ?
Well the only way a cyber criminal could get your master password is by using keylogger...and if that's the case than I'm sorry to say that using the traditional 'I will remember my pass' way won't help you because they will get your passwords as you type them...

Now because Lastpass has forcen this probems they have introduced awhile ago a new free multifactor authentication feature called : Grid



If you go to your account , you'll see that you have differents level of security that you can enable, by default everything is on Normal but you can modify those settings.....
[attachment=1029]

If you still think that this isn't enough than you can buy the Lastpass premium which comes bundled with even more security features.


Now , you should realize that this is just a password manager so it's not his job to protect your system.... Preventing keylogger and stopping cyber criminals from infecting your system it's the task of your real time protection so don't ask overestimate what this tool can do...

There are some obvious advantages when running this type of software, you can use unique and complex password for each site without the hassle of needing to remember them. As another '+' Lastpass can prevent your from filling your password/username in phising page like paypalll.com for instance....
 

Attachments

Last edited:

iPanik

New Member
I agree that only using one password for a password manager might not be enough. This is where two-step authentication comes into play :)

We know that lastpass uses state of the art encryption, so it all depends on the authentication.
I use Lastpass with the google authenticator, and a strong password. Not even phishing can break that.
I also get a notification when my account logs in at a new location.

My password is a series of words that makes no sense in a sentence. This method also makes it very long, so good luck brute forcing it.
If someone should get there hands on my password, they would also need my cellphone to get the google auth code.

I think my LastPass is secure enough :)