You can easily the remove the password from the file, so no matter what encryption you use is easy to bypass.
Q&A Password manager: Question is simply - why did you choose the one you are using now?
- Thread starter Lenny_Fox
- Start date
Not a bad idea. An encrypted word document, with a totally different file name, and probably hidden from the device. Hackers won't even bother to check these word documents. They are more invested in cracking passwords online, detecting vulnerabilities in password managers both local and on the cloud.
Most software companies especially dealing with the paid ones, try to create a psychological need into buying their products, when most home users who just use basic features would be otherwise more than satisfied with this functionality. That's how businesses work. Do you feel protected with your default protection - Windows Defender? Maybe not. A home user now switches to the brand's free solution. Then you get an advertisement on how free antivirus is not as effective as a paid solution. This way they create an unnecessary need for trying out their paid counterpart.
This is called security through obscurity
The less paranoid that someone is, the more secure they feel.This is called security through obscurity
Otherwise god forbid, no security system in the world can help them.Here's one for the computer humor section at MalwareTips.
Last edited:
Not completely true, as long as the encryption is 256 bit AES and used with a key and not a password it will work, just need to make sure the key is store externally like a usb stick, it would take even a supercomputer over a million years to crack it and by then ......they can have at it!
A lot of these so called "secured databases" are just a marketing term used to get sales and money out of your pocket, nothing, I repeat NOTHING is fool proof and un-hackable , we see it every single day in the hacking and leaking of information of credit cards , apps , servers and the list goes on, check out Bleeping Computer, something gets leaked or hacked just about every day. It just depends who wants that information and how badly they want it. They can call it a "secured database" but that only means they haven't come across anyone that can hack it yet.
Last edited:
KeePass is free and open source. It doesn't need any money out of our pocket. I don't know anything about cryptography but I find using KeePass much user friendly than copying username and password from a doc file. Also it uses same encryption method you mentioned with much more options.
Maybe the wrong choice of words, bottom line , same goes for free or paid .
Don't get me wrong, I use a password manager too, but I also know there could be a chance somewhere in the future it can be hacked which is why I have all my passwords backed up and stored externally in a text file in the event it does get hacked, I can change those passwords immediately.
KeePass provide a good documentation about:
Security - KeePass
I also recommend these settings:
Same , I have passwords in xslx (AES256 with SHA512 hashing). I used Axcrypt before, but since it was discontinued, I fail to find a file encryption tool.
Axcrypt was not discontinued; it is available in both free and paid (subscription-based) versions. See AxCrypt - File Security Made Easy (for a comparison between the different versions see Pricing | AxCrypt - File Security Made Easy).
Correction, version 1.7 was discontinued. Since version 2.0, it is not a file encryption tool. I made a complaint back then, but they said, that is the way it is.
Not a secure solution. Additionally, ransomware can encrypt those files and it will be lost forever, unless you keep another copy of the insecure .docx file elsewhere.
Consider switching to a trusted secure password manager:
- LastPass- Free/Paid plans (my recommendation) + additional LastPass Authenticator app.
- Bitwarden - FOSS, Free/Paid plans
- 1Password - Recommended by experts, Paid only
- Sign up with email address**
- Create a Master Password that only you know - you will need this to access your vault
- Enable 2nd Factor Authentication which should be a standard across all your web account
- Store any password credentials and notes
- Options to configure each with Allow/Disable auto-login, auto-fill, auto-change passwords
- Paid plans usually include Dark web monitoring, sharing and more users
- Advanced configurations to limit access to your vault (database), this may include restricting regions/countries, TOR, Mobile devices, managing trusted devices etc.
UUUhhhhhh a Word.docx or Excel.xlsx as Password Safe - I do not blame the user - I have seen Administrators saving Password in .txt files. So that is insecure... At least its in MSOffice and it depends how you secure the Document it can be encrypted or not. But did you know that MSOffice Docs have backdoors? That is the reason why Businesses use them coz ppl forget.
Here are a few light methods -> Forgot Word Document Password? Here Are Free Ways to Recover Word Password
In the Company I worked for we had those cases come in 2-6 Times a Quarter of the year. Those tools are expensive but work flawless just imagine a real pro in the dark web. He has those tools to, or even better... [All Office Documents - Word / Excel and Co.]
Otherwise it is easy to protect yourself or even self-host a Password Manager. -> Followpost from Spawn -> Q&A - Password manager: Question is simply - why did you choose the one you are using now?
Best regards
Val.
Here are a few light methods -> Forgot Word Document Password? Here Are Free Ways to Recover Word Password
In the Company I worked for we had those cases come in 2-6 Times a Quarter of the year. Those tools are expensive but work flawless just imagine a real pro in the dark web. He has those tools to, or even better...
[All Office Documents - Word / Excel and Co.]Otherwise it is easy to protect yourself or even self-host a Password Manager. -> Followpost from Spawn -> Q&A - Password manager: Question is simply - why did you choose the one you are using now?
Best regards
Val.
Currently trialing LastPass.
I was using Bitwarden Premium since last year and now I am looking for an alternative because delays in autofill sync are killing me and their support doesn't seem to recognize this as an issue and advise to log out and log back in again on my mobile in order to make it work - not very convenient approach.
First I've tried 1Password and I don't like the fact that I need to install another app in my system to get some things done.
I was using Bitwarden Premium since last year and now I am looking for an alternative because delays in autofill sync are killing me and their support doesn't seem to recognize this as an issue and advise to log out and log back in again on my mobile in order to make it work - not very convenient approach.
First I've tried 1Password and I don't like the fact that I need to install another app in my system to get some things done.
Similar threads
