Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


237 posts

Master Geek
+1 received by user: 6

Subscriber

Topic # 237759 17-Jun-2018 09:25
Send private message quote this post

Good morning,

 

What are your thoughts on password management?

 

Single password for all sites vs a random password for every login?

 

Password manager - yes or no?

 

Password manager vs browser based password management?

 

Have a great day





Windows 10 Pro
Ubuntu 18.04 LTS


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4
259 posts

Ultimate Geek
+1 received by user: 83


  Reply # 2038980 17-Jun-2018 09:35
2 people support this post
Send private message quote this post

I don't see any reason for not using a password manager and long random unique passwords.


BDFL - Memuneh
60809 posts

Uber Geek
+1 received by user: 11690

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2038982 17-Jun-2018 09:41
11 people support this post
Send private message quote this post

You should never, ever use a single password for all sites. There's a thing called credential stuff, where bots will be used to try leaked email/passwords in other websites - and the chance of this hitting gold is pretty high if you reuse passwords.

 

Yes to password managers, not browsers. If using password managers then try using long passwords generated by the app. Use 2FA wherever available. Authy for 2FA since it synchronises between desktop and mobile devices so if you reset your smartphone you're not locked out of services.

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 





3203 posts

Uber Geek
+1 received by user: 1799

Trusted
Lifetime subscriber

  Reply # 2038983 17-Jun-2018 09:44
Send private message quote this post

Password manager for sure

John




Ex JohnR VodafoneNZ 17 years 4 days



237 posts

Master Geek
+1 received by user: 6

Subscriber

  Reply # 2038988 17-Jun-2018 10:11
Send private message quote this post

freitasm:

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Dam not a good result visiting the above links.

 

Do you use Authy as well as a password manager or just Authy?





Windows 10 Pro
Ubuntu 18.04 LTS




237 posts

Master Geek
+1 received by user: 6

Subscriber

  Reply # 2038990 17-Jun-2018 10:12
Send private message quote this post

Ok this leads me to my next question please - which password manager?





Windows 10 Pro
Ubuntu 18.04 LTS


12564 posts

Uber Geek
+1 received by user: 2229

Trusted

  Reply # 2038995 17-Jun-2018 10:17
Send private message quote this post

freitasm:

 

You should never, ever use a single password for all sites. There's a thing called credential stuff, where bots will be used to try leaked email/passwords in other websites - and the chance of this hitting gold is pretty high if you reuse passwords.

 

Yes to password managers, not browsers. If using password managers then try using long passwords generated by the app. Use 2FA wherever available. Authy for 2FA since it synchronises between desktop and mobile devices so if you reset your smartphone you're not locked out of services.

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Im guilty.....  But yes, I know. Ive been slowly appending a clue word to a random characterset to minimise forgetting them, and using Apple's password manager. Keychain.

 

Guilty as charged, but yep, easy for me, but silly too 


81 posts

Master Geek
+1 received by user: 28


  Reply # 2038998 17-Jun-2018 10:23
2 people support this post
Send private message quote this post

DamageInc:

 

Ok this leads me to my next question please - which password manager?

 

 

Lastpass works well on pretty well every platform I'm aware of, and it is managed online. I use this through all my browsers. Using Lastpass instead of in-browser management means that I don't have to start inputting all my passwords again if, in the future, I decide to switch from Firefox to Chrome, Vivaldi, Edge, etc.

 

Because I am the paranoid type, I also back up all passwords into Password Safe https://pwsafe.org/ where I can keep track of other notes, various details, etc. that need to be kept private.


BDFL - Memuneh
60809 posts

Uber Geek
+1 received by user: 11690

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2039005 17-Jun-2018 11:05
One person supports this post
Send private message quote this post

@DamageInc:

 

freitasm:

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Dam not a good result visiting the above links.

 

Do you use Authy as well as a password manager or just Authy?

 

 

I use LastPass on my browser and smartphone. Authy is a 2FA (SECOND FACTOR) so it's in addition to your password. 

 

I recommend Authy beause Google Authenticator doesn't do backup of your codes and you lose your phone or reset it, you are in trouble.

 

You can enable 2FA on Geekzone on your profile page.





3157 posts

Uber Geek
+1 received by user: 887

Trusted

  Reply # 2039031 17-Jun-2018 11:35
3 people support this post
Send private message quote this post

My setup is Keepass for everything, synched through dropbox - has an app for pretty much every platform I've come across. And 2FA where possible (though should really use it more)


875 posts

Ultimate Geek
+1 received by user: 212


  Reply # 2039055 17-Jun-2018 12:52
quote this post

Password Gorilla seems to work well and the password files work in Linux and Windows.


xpd

Chief Trash Bandit
8795 posts

Uber Geek
+1 received by user: 1283

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 2039094 17-Jun-2018 13:15
Send private message quote this post

Mix of lastpass and keepass.

 

 





XPD / Gavin / DemiseNZ

 

For Free Games, Geekiness and Reviews, visit :

 

Home Of The Overrated Raccoons

 

Battlenet : XPD#11535    Origin/Steam/Epic/Uplay : xpdnz


27 posts

Geek
+1 received by user: 1


  Reply # 2039099 17-Jun-2018 13:26
Send private message quote this post

1Password here. More costly than others, but I like it better.

 

 


21236 posts

Uber Geek
+1 received by user: 4273

Trusted
Subscriber

  Reply # 2039114 17-Jun-2018 13:47
Send private message quote this post

Just be aware with password managers that not all sites have the same length limitations on the new user fields as the login fields, so you can set a password that it too long to be able to log in with again.

 

I tend to go for 16 characters or so most places. That should be accepted since that is something that is very easy for a person to type and remember. Going out to 64 is pretty pointless and breaks on many sites.





Richard rich.ms

mdf

1829 posts

Uber Geek
+1 received by user: 522

Trusted
Subscriber

  Reply # 2039116 17-Jun-2018 14:14
Send private message quote this post

I've posted these links before (they're 5 years old now), but these articles were my wake-up call to password security.

 

Nate Anderson, a journalist writing for Ars Technica with no particular password expertise, turned himself into a password cracker using consumer grade equipment and free software in the space of a dayExperienced password crackers can crack up to 90 per cent of passwords without breaking a sweat.

 

I use LastPass with 2FA enabled. Works across desktop browsing and mobile phones (much, much better on Android than iOS though). It doesn't work perfectly on 100% of websites, but I strongly suspect that's more to do with the website design than LastPass itself.


2926 posts

Uber Geek
+1 received by user: 716


  Reply # 2039125 17-Jun-2018 15:00
Send private message quote this post

Lastpass and Authy combo for me. 

 

I had been a paid customer of Lastpass (mobile app initially required a paid account), but found when the sub ended earlier this year I lost none of the functionality - so there's no need to pay anything if running both Lastpass and Authy (amongst various free options).  

 

OP - be mindful that iOS doesn't play wonderfully with Lastpass (like many such apps and iOS!), so you may have to sometimes manually copy across passwords from the Lastpass app into a login window when logging in (or alternatively you can use the built-in browser). There's no such issue with Android devices (for which the Lastpass window will usually pop up) or in a browser. 


 1 | 2 | 3 | 4
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Hawaiki Transpacific cable ready-for-service
Posted 20-Jul-2018 11:29


Microsoft Dynamics 365 Business Central launches
Posted 10-Jul-2018 10:40


Spark completes first milestone in voice platform upgrade
Posted 10-Jul-2018 09:36


Microsoft ices heated developers
Posted 6-Jul-2018 20:16


PB Technologies charged for its extended warranties and warned for bait advertising
Posted 3-Jul-2018 15:45


Almost 20,000 people claim credits from Spark
Posted 29-Jun-2018 10:40


Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.