Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


DamageInc

338 posts

Ultimate Geek

Lifetime subscriber

#237759 17-Jun-2018 09:25
Send private message

Good morning,

 

What are your thoughts on password management?

 

Single password for all sites vs a random password for every login?

 

Password manager - yes or no?

 

Password manager vs browser based password management?

 

Have a great day





Pop OS!


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4
marpada
335 posts

Ultimate Geek


  #2038980 17-Jun-2018 09:35
Send private message

I don't see any reason for not using a password manager and long random unique passwords.


freitasm
BDFL - Memuneh
68798 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #2038982 17-Jun-2018 09:41
Send private message

You should never, ever use a single password for all sites. There's a thing called credential stuff, where bots will be used to try leaked email/passwords in other websites - and the chance of this hitting gold is pretty high if you reuse passwords.

 

Yes to password managers, not browsers. If using password managers then try using long passwords generated by the app. Use 2FA wherever available. Authy for 2FA since it synchronises between desktop and mobile devices so if you reset your smartphone you're not locked out of services.

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 





 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


 
 
 
 


Linux
6912 posts

Uber Geek

Trusted
Lifetime subscriber

  #2038983 17-Jun-2018 09:44
Send private message

Password manager for sure

John

DamageInc

338 posts

Ultimate Geek

Lifetime subscriber

  #2038988 17-Jun-2018 10:11
Send private message

freitasm:

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Dam not a good result visiting the above links.

 

Do you use Authy as well as a password manager or just Authy?





Pop OS!


DamageInc

338 posts

Ultimate Geek

Lifetime subscriber

  #2038990 17-Jun-2018 10:12
Send private message

Ok this leads me to my next question please - which password manager?





Pop OS!


tdgeek
21493 posts

Uber Geek

Trusted
Lifetime subscriber

  #2038995 17-Jun-2018 10:17
Send private message

freitasm:

 

You should never, ever use a single password for all sites. There's a thing called credential stuff, where bots will be used to try leaked email/passwords in other websites - and the chance of this hitting gold is pretty high if you reuse passwords.

 

Yes to password managers, not browsers. If using password managers then try using long passwords generated by the app. Use 2FA wherever available. Authy for 2FA since it synchronises between desktop and mobile devices so if you reset your smartphone you're not locked out of services.

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Im guilty.....  But yes, I know. Ive been slowly appending a clue word to a random characterset to minimise forgetting them, and using Apple's password manager. Keychain.

 

Guilty as charged, but yep, easy for me, but silly too 


Gurezaemon
402 posts

Ultimate Geek

Lifetime subscriber

  #2038998 17-Jun-2018 10:23
Send private message

DamageInc:

 

Ok this leads me to my next question please - which password manager?

 

 

Lastpass works well on pretty well every platform I'm aware of, and it is managed online. I use this through all my browsers. Using Lastpass instead of in-browser management means that I don't have to start inputting all my passwords again if, in the future, I decide to switch from Firefox to Chrome, Vivaldi, Edge, etc.

 

Because I am the paranoid type, I also back up all passwords into Password Safe https://pwsafe.org/ where I can keep track of other notes, various details, etc. that need to be kept private.


 
 
 
 


freitasm
BDFL - Memuneh
68798 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #2039005 17-Jun-2018 11:05
Send private message

@DamageInc:

 

freitasm:

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Dam not a good result visiting the above links.

 

Do you use Authy as well as a password manager or just Authy?

 

 

I use LastPass on my browser and smartphone. Authy is a 2FA (SECOND FACTOR) so it's in addition to your password. 

 

I recommend Authy beause Google Authenticator doesn't do backup of your codes and you lose your phone or reset it, you are in trouble.

 

You can enable 2FA on Geekzone on your profile page.





 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


sidefx
3504 posts

Uber Geek

Trusted

  #2039031 17-Jun-2018 11:35
Send private message

My setup is Keepass for everything, synched through dropbox - has an app for pretty much every platform I've come across. And 2FA where possible (though should really use it more)





"I was born not knowing and have had only a little time to change that here and there."         | Electric Kiwi | Sharesies
              - Richard Feynman


amiga500
1488 posts

Uber Geek
Inactive user


  #2039055 17-Jun-2018 12:52
Send private message

Password Gorilla seems to work well and the password files work in Linux and Windows.


xpd

xpd
Im a pirate
10790 posts

Uber Geek

Mod Emeritus
Trusted
Lifetime subscriber

  #2039094 17-Jun-2018 13:15
Send private message

Mix of lastpass and keepass.

 

 





XPD^ / DemiseNZ

 

Blog         Free Games        Twitter      My TradeMe Goodies

 

Pirating in Sea Of Thieves

 

Coming Soon - BBS door games - all the classics!

 

 


Deamo
67 posts

Master Geek


  #2039099 17-Jun-2018 13:26
Send private message

1Password here. More costly than others, but I like it better.

 

 


richms
23646 posts

Uber Geek

Trusted
Subscriber

  #2039114 17-Jun-2018 13:47
Send private message

Just be aware with password managers that not all sites have the same length limitations on the new user fields as the login fields, so you can set a password that it too long to be able to log in with again.

 

I tend to go for 16 characters or so most places. That should be accepted since that is something that is very easy for a person to type and remember. Going out to 64 is pretty pointless and breaks on many sites.





Richard rich.ms

mdf

mdf
2675 posts

Uber Geek

Trusted
Subscriber

  #2039116 17-Jun-2018 14:14
Send private message

I've posted these links before (they're 5 years old now), but these articles were my wake-up call to password security.

 

Nate Anderson, a journalist writing for Ars Technica with no particular password expertise, turned himself into a password cracker using consumer grade equipment and free software in the space of a dayExperienced password crackers can crack up to 90 per cent of passwords without breaking a sweat.

 

I use LastPass with 2FA enabled. Works across desktop browsing and mobile phones (much, much better on Android than iOS though). It doesn't work perfectly on 100% of websites, but I strongly suspect that's more to do with the website design than LastPass itself.


jonathan18
4802 posts

Uber Geek

Trusted
Subscriber

  #2039125 17-Jun-2018 15:00
Send private message

Lastpass and Authy combo for me. 

 

I had been a paid customer of Lastpass (mobile app initially required a paid account), but found when the sub ended earlier this year I lost none of the functionality - so there's no need to pay anything if running both Lastpass and Authy (amongst various free options).  

 

OP - be mindful that iOS doesn't play wonderfully with Lastpass (like many such apps and iOS!), so you may have to sometimes manually copy across passwords from the Lastpass app into a login window when logging in (or alternatively you can use the built-in browser). There's no such issue with Android devices (for which the Lastpass window will usually pop up) or in a browser. 


 1 | 2 | 3 | 4
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic





News »

Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS1621+ 
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13


Teletrac Navman launches integrated multi-camera solution for transport and logistics industry
Posted 8-Oct-2020 10:57


Farmside hits 10,000 RBI customers
Posted 7-Oct-2020 15:32


NordVPN starts deploying colocated servers
Posted 7-Oct-2020 09:00


Google introduces Nest Wifi routers in New Zealand
Posted 7-Oct-2020 05:00


Orcon to bundle Google Nest Wifi router with new accounts
Posted 7-Oct-2020 05:00


Epay and Centrapay partner to create digital gift cards
Posted 2-Oct-2020 17:34


Inseego launches 5G MiFi M2000 mobile hotspot
Posted 2-Oct-2020 14:53









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.