Password Managers 2019

upnorth · Oct 25, 2019

blackice said:
I have 2FA even on my old throw away yahoo account. Someone finally tried to access it and I got an alert and denied it. Never seen it in action before other than authenticating a session I initiated, pretty useful.

Was it caught and shared in some hack, that you know of?

https://haveibeenpwned.com/

blackice · Oct 25, 2019

upnorth said:
Was it caught and shared in some hack, that you know of?

https://haveibeenpwned.com/

Yes it’s been part of multiple hacks. It’s actually a straight authenticated account. They just put in my email and attempted to login. The Authenticator asked if it was me. I had changed the password multiple times since the hacks. Then they switched their Authenticator to being password free, which I forgot about. I regularly run my emails and my wife’s emails through haveibeenpwned. Thankfully we’ve had few to deal with.

upnorth · Oct 25, 2019

Great example that it actually is possible to protect oneself, even in a event of a hack. Thanks @blackice

Threadripper · Oct 25, 2019

notabot said:
If you're hacked you're done, they take all the passwords from your local machine when you decrypt them with your master password - not from the remote server. To mitigate this

1) never store your 2FA codes for your accounts on the same password manager you use for your passwords (I'd go as far as don't use the same machine, to maximally decouple the 2nd factor from your passwords)
2) take measures to secure the machine to avoid compromise
3) don't sweat over it, if they only have the passwords without the 2FA codes for your logins nothing can happen and if you use a good security product this should not happen in the first place.

You said if they are hacked which is why I was talking about password managers, you're talking about using your password manager on a compromised device - obviously that's going to be a problem.

notabot · Oct 25, 2019

Threadripper said:
You said if they are hacked which is why I was talking about password managers, you're talking about using your password manager on a compromised device - obviously that's going to be a problem.

If you keep 2nd factors on a separate device, ie use PC for passwords, mobile for 2FA -- even then I don't think it's a total disaster.

LDogg · Nov 2, 2019

gmaister22 said:
brain.exe is too busy and uses more resources on businesses than remembering passwords for 300 websites...

That's if you're not visiting 300 websites that you need to login to

Plus my memories amazing.

~LDogg

The Cog in the Machine · Jan 8, 2020

pablozi said:
Free version doesn't support cross device syncing.

Got the lifetime version for $14.99

gmaister22 said:
I do not mind paying I actually prefer paying for something that crucial so that I know that the developers make money out of it so they doing their best. That's how business work. I already pay 60€ a year for 1Password family plan. I am just looking for a good alternative (paid) because I do not like how 1Password works with autofilling

Last pass is year ahead for auto filling but I am worried about their security....

You might give Dashlane a try.

For those who are not sure about the security of their passwords, you can use Sticky Password Portable and you can use the WIFI sync functionality. Unfrotunately, the development of Sticky Password is very slow; it does not receive updates regularly.

Upendra19 · Jan 8, 2020

pablozi said:
Free version doesn't support cross device syncing.

You can find premium licence in many giveaways so one can avail of all premium features.

security123 · Feb 4, 2020

I wonder how you guys use your online password manager without internet?

Eg I store in KeePass my VeraCrypt passwords for external USB drives. So if I would disconnect from network, reset windows and then want access to my external USB backup drive I cannot because of missing password from cloud. With KeePass that isn't a problem.

Also I would say that a local database is more secure then a cloud one. Of course a compromised PC is bad. It's always bad.
But don't think that store such important data on cloud would help in that case

ForgottenSeer 823865 · Feb 4, 2020

My password is in my brain, I have an easy to use and very safe formula, so I use a password manager more because I'm lazy to type 20+ characters than forget them.

blackice · Feb 4, 2020

security123 said:
I wonder how you guys use your online password manager without internet?

Eg I store in KeePass my VeraCrypt passwords for external USB drives. So if I would disconnect from network, reset windows and then want access to my external USB backup drive I cannot because of missing password from cloud. With KeePass that isn't a problem.

Also I would say that a local database is more secure then a cloud one. Of course a compromised PC is bad. It's always bad.
But don't think that store such important data on cloud would help in that case

Without the internet I don’t need most of my passwords, the few I do I remember.

Handsome Recluse · Feb 4, 2020

I use password managers because typing on phones is unwieldy.

blacksheep · Mar 15, 2020

BitWarden FTW!

Search

Password Managers 2019

upnorth

Level 43

blackice

Level 25

upnorth

Level 43

Threadripper

Level 8

notabot

Level 15

LDogg

Level 31

The Cog in the Machine

Level 21

Upendra19

Level 2

security123

Level 16

ForgottenSeer 823865

blackice

Level 25

Handsome Recluse

Level 23

blacksheep

Level 3

Similar threads