how do you remember all the passwords?

Batman:

how do you remember all the passwords?

Can you recommend a good one for a non power user/casual/easy use?

How do i know i can trust the password manager can't be hacked?

I have always been afraid of password managers because what happens if I lose access to that? It's not that I don't trust them, but I don't trust myself. I forget things and confuse things sometimes. I keep a few passwords that are burned into my memory. For important things, like GZ and my main email account, I use unique passwords. My finances are very simple so I don't do any financial transactions on-line. I reuse passwords for unimportant accounts, like logins to free services. I only use a debit card for purchases and I control the amount that is on it. So far I have never had an issue.

I know that not everyone can live this way, but I am retired and my needs are simple so it works well for me.

Rikkitic:

 

I have always been afraid of password managers because what happens if I lose access to that? It's not that I don't trust them, but I don't trust myself. I forget things and confuse things sometimes. I keep a few passwords that are burned into my memory. For important things, like GZ and my main email account, I use unique passwords. My finances are very simple so I don't do any financial transactions on-line. I reuse passwords for unimportant accounts, like logins to free services. I only use a debit card for purchases and I control the amount that is on it. So far I have never had an issue.

 

I know that not everyone can live this way, but I am retired and my needs are simple so it works well for me.

 

 

 

you keep the master password in a safe place, bottom of a filing cabinet or something, and you allow emergency access to a friend/family to your account. im not sure how you would loose access to it though? you also enable multi factor authentication on the account. you can also enable trusted devices so no one else can login from anywhere else.

https://www.lastpass.com/how-lastpass-works

"When your trusted contact requests emergency access to your vault, they will have to wait for the period of time you specify before being allowed access. During that time window, you can decline their request to access your vault."

i use last pass, and i only have to remember one password, its 20 characters long, but its only one i have to remember, all the rest of my passwords are 12 digit, alphanumeric with symbols.

Have looked at Lastpass, but have a few of questions;

Q1 - Does Lastpass violate your bank terms by entering your password on a third party site?  Banks don't approve POLi.

Q2  - Does Lastpass have to be installed on the device being used?

Q3 - What do you do when away from home?

1. Do't use Orcon email.

2. Change your email passwords to be safe.

3. Use MFA.

4. Use a password manager such as Last Pass.

5. Don't email your naughty pics develop them at your local photo developer and post them instead.

@quickymart:

 

She is worried that they may have hacked her phone. She doesn't use her laptop as it doesn't work properly - they wouldn't have had access to her phone, surely? Even if she (accidentally) went to a dodgy site on her phone it wouldn't work would it?
She has had all her e-mail stored in Orcon's webmail and I am getting her to remove it as I write this but the hacker wouldn't use it would they?

 

Tell your wife to stop worrying. Tell her to change password on email. Tell her this sender probably found her password on one one many lists from sites that had been hacked before. The scammer doesn't want to access anything, only to have her believe they can.

Tell your wife to not use the same password everywhere - if the password matches her own email password chances are she re-used it somewhere else.

I wise I could lock this thread now with this definitive answer but I will leave it.

k1w1k1d:

 

Have looked at Lastpass, but have a few of questions;

 

Q1 - Does Lastpass violate your bank terms by entering your password on a third party site?  Banks don't approve POLi.

 

Q2  - Does Lastpass have to be installed on the device being used?

 

Q3 - What do you do when away from home?

 

Q2. no, i use it at work and open my passwords on my phone and type them in on my work PC. i can also use it offline so it doesnt require an internet connection to access the passwords.

Q3. see above, + you can open the lastpass website from anywhere to access things.

I recommend Bitwarden. They have apps for iOS/Android (having an iPhone I can vouch for its excellent iOS integration, many iOS apps can request passwords directly from BitWarden making life easy) and plugins for Firefox/Safari/Edge/etc (allowing autofill with a mouse click and certain browsers e.g. Firefox also support saving your password after you login). Cloud sync so it syncs across devices/browsers. It comes with a password generator built-in so you can just press the generate button and it generates a unique password for you. It's also open source, if that ticks a box for you.

https://keepass.info/

@quickymart: Morning,My wife received an e-mail this morning from her (Orcon) address to her Orcon address ...

• The actual email address
• The display name

... The message included her password,which is what (she is) concerned about ...

... he will send every picture she has ever taken

... (he says he logged into her phone to do this) ... - but could this happen? ...

... Thing is, her phone has security on ...

Her main concern is she stored all of her e-mail in that mailbox and the hacker would have had access to it as well as all of her contacts.

• Yes, your wife should be concerned if this is her current password used for this or any other service. Somebody out there will try this email/password combination sooner or later on various systems
• No, no need to be concerned. Like SPAM & junk mail, these types of emails get sent out by the millions. The sender is hoping for a 0.0000x hit rate. Generally, they'll make enough money from that percentage.
• No, no need to be concerned. Logging into millions of email accounts, collecting addresses, viewing 9.9999E+99 mind numbingly bland sunsets, cat photos, blurred whatevers etc is going to take effort. The scammers will want to move on to something a lot easier.

...  (but I don't see how they could have backed into her cellphone anyway) ...

@k1w1k1d

 

Q1 - Does Lastpass violate your bank terms ...

 

Q2  - Does Lastpass have to be installed on the device being used?

 

Q3 - What do you do when away from home?

 

1. No. It is akin to a copy of paste from your "secure store" into the user/pwd field of the web/app. POLi & Pocketsmith store your credentials on their system & log into internet banking on your behalf with those stored credentials. Generally, no interaction from you required.
2. No, but it does make it a lot easier. Especially if you don't want to type password that are 49 - 120 characters long.
3. Use the app on your phone to view the password or only if you really, realy have to, temporarily start an incognito brwoser session on the untrusted device.