Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
General Apps
Passwords and passkeys
Password Manager Poll (2022)
Message
<blockquote data-quote="piquiteco" data-source="post: 1017317" data-attributes="member: 96829"><p>Yes, you are right, the password manager was created to make it more convenient, instead of remembering dozens of passwords, you need to remember only one that, only you know the master password of your PM.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /></p><p></p><p>Yes everything can be hacked, especially internet connected devices, yes 2FA can be bypassed and circumvented, either by using reverse proxy or stealing your cookies with your saved session.</p><p></p><p></p><p></p><p>Yes, correct TOTP is time based so it expires after 30 seconds or 60 seconds. I would not say that, if I were you, that TOTP is useless for a hacker after the token expires, depending on many of the circumstances, today we have security key like Yubikey, proving that TOTP can be ignored. Many companies and people use security key. If the hacker wants and you are an important target, somehow he will achieve his goal, which is to gain access to everything and steal whatever he wants and then leave without you having noticed.</p><p></p><p></p><p></p><p>Yes, the master password is physically typed of course, yes correct, a keylogger can capture it when you type your password from your keyboard, I suppose everyone who uses a PM knows this, or am I wrong? I always enter my master password only on my device that I use, like on my laptop, desktop, on my phone, which I know is trusted and is clean of malware, keylogger etc. I will never use my PM on a stranger's machine, even on my father's computer I think ten times before entering my password. Wait... there is maybe use yes [USER=61091]@simmerskool[/USER] sends a hug! I enter my master password in the Keepass Secure Desktop and the Keylogger is useless and will not capture my master password when I type it.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite110" alt=";)" title="Wink ;)" loading="lazy" data-shortname=";)" /></p><p></p><p>About the size of my master password is my secret that only I know, and your secret too that we can't reveal, I will not tell you how many characters I use my master password, but it is huge, long and tedious to type, probably much more than 80 characters just multiply 80x7 and you will know the size. If you have a PM and are going to use a weak master password, then it doesn't make sense to use a PM, it's better to leave it saved in the browser. I was talking to [USER=64945]@R2D2[/USER] about "Double blind password" just a suggestion, that I had seen a few years ago, I didn't tell him to use it that way, it makes it a little inconvenient, having to type a password + a suffix or prefix but there are people who use it that way, as Lastpass suffered a violation, he got a little thoughtful, and the master password he uses according to him reported is strong, I believe in what he said, but and Lastpass is being transparent with their users? Note: I am not defaming Lastpass just commenting on the incident, don't get me wrong folks.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /></p><p></p><p>[USER=55987]@HarborFront[/USER] was nice talking to you, just hope you do not take me wrong, suddenly I wrote something that you may think I am offending, but I am not, I have great respect for you and many members here in MT you are veteran here, I do not want to make enmity with anyone and not violate the <a href="https://malwaretips.com/help/rules/" target="_blank">rules of the forum</a> for God's sake. <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /></p></blockquote><p></p>
[QUOTE="piquiteco, post: 1017317, member: 96829"] Yes, you are right, the password manager was created to make it more convenient, instead of remembering dozens of passwords, you need to remember only one that, only you know the master password of your PM.(y) Yes everything can be hacked, especially internet connected devices, yes 2FA can be bypassed and circumvented, either by using reverse proxy or stealing your cookies with your saved session. Yes, correct TOTP is time based so it expires after 30 seconds or 60 seconds. I would not say that, if I were you, that TOTP is useless for a hacker after the token expires, depending on many of the circumstances, today we have security key like Yubikey, proving that TOTP can be ignored. Many companies and people use security key. If the hacker wants and you are an important target, somehow he will achieve his goal, which is to gain access to everything and steal whatever he wants and then leave without you having noticed. Yes, the master password is physically typed of course, yes correct, a keylogger can capture it when you type your password from your keyboard, I suppose everyone who uses a PM knows this, or am I wrong? I always enter my master password only on my device that I use, like on my laptop, desktop, on my phone, which I know is trusted and is clean of malware, keylogger etc. I will never use my PM on a stranger's machine, even on my father's computer I think ten times before entering my password. Wait... there is maybe use yes [USER=61091]@simmerskool[/USER] sends a hug! I enter my master password in the Keepass Secure Desktop and the Keylogger is useless and will not capture my master password when I type it.;) About the size of my master password is my secret that only I know, and your secret too that we can't reveal, I will not tell you how many characters I use my master password, but it is huge, long and tedious to type, probably much more than 80 characters just multiply 80x7 and you will know the size. If you have a PM and are going to use a weak master password, then it doesn't make sense to use a PM, it's better to leave it saved in the browser. I was talking to [USER=64945]@R2D2[/USER] about "Double blind password" just a suggestion, that I had seen a few years ago, I didn't tell him to use it that way, it makes it a little inconvenient, having to type a password + a suffix or prefix but there are people who use it that way, as Lastpass suffered a violation, he got a little thoughtful, and the master password he uses according to him reported is strong, I believe in what he said, but and Lastpass is being transparent with their users? Note: I am not defaming Lastpass just commenting on the incident, don't get me wrong folks.(y) [USER=55987]@HarborFront[/USER] was nice talking to you, just hope you do not take me wrong, suddenly I wrote something that you may think I am offending, but I am not, I have great respect for you and many members here in MT you are veteran here, I do not want to make enmity with anyone and not violate the [URL='https://malwaretips.com/help/rules/']rules of the forum[/URL] for God's sake. (y) [/QUOTE]
Insert quotes…
Verification
Post reply
Top
