Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


252 posts

Ultimate Geek
+1 received by user: 8

Subscriber

Topic # 237759 17-Jun-2018 09:25
Send private message

Good morning,

 

What are your thoughts on password management?

 

Single password for all sites vs a random password for every login?

 

Password manager - yes or no?

 

Password manager vs browser based password management?

 

Have a great day





Windows 10 Pro
Ubuntu 18.04 LTS


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4
264 posts

Ultimate Geek
+1 received by user: 95


  Reply # 2038980 17-Jun-2018 09:35
2 people support this post
Send private message

I don't see any reason for not using a password manager and long random unique passwords.


BDFL - Memuneh
61508 posts

Uber Geek
+1 received by user: 12227

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2038982 17-Jun-2018 09:41
11 people support this post
Send private message

You should never, ever use a single password for all sites. There's a thing called credential stuff, where bots will be used to try leaked email/passwords in other websites - and the chance of this hitting gold is pretty high if you reuse passwords.

 

Yes to password managers, not browsers. If using password managers then try using long passwords generated by the app. Use 2FA wherever available. Authy for 2FA since it synchronises between desktop and mobile devices so if you reset your smartphone you're not locked out of services.

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 





3689 posts

Uber Geek
+1 received by user: 2131

Trusted
Lifetime subscriber

  Reply # 2038983 17-Jun-2018 09:44
Send private message

Password manager for sure

John




Ex JohnR VodafoneNZ 17 years 4 days



252 posts

Ultimate Geek
+1 received by user: 8

Subscriber

  Reply # 2038988 17-Jun-2018 10:11
Send private message

freitasm:

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Dam not a good result visiting the above links.

 

Do you use Authy as well as a password manager or just Authy?





Windows 10 Pro
Ubuntu 18.04 LTS




252 posts

Ultimate Geek
+1 received by user: 8

Subscriber

  Reply # 2038990 17-Jun-2018 10:12
Send private message

Ok this leads me to my next question please - which password manager?





Windows 10 Pro
Ubuntu 18.04 LTS


13594 posts

Uber Geek
+1 received by user: 2453

Trusted

  Reply # 2038995 17-Jun-2018 10:17
Send private message

freitasm:

 

You should never, ever use a single password for all sites. There's a thing called credential stuff, where bots will be used to try leaked email/passwords in other websites - and the chance of this hitting gold is pretty high if you reuse passwords.

 

Yes to password managers, not browsers. If using password managers then try using long passwords generated by the app. Use 2FA wherever available. Authy for 2FA since it synchronises between desktop and mobile devices so if you reset your smartphone you're not locked out of services.

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Im guilty.....  But yes, I know. Ive been slowly appending a clue word to a random characterset to minimise forgetting them, and using Apple's password manager. Keychain.

 

Guilty as charged, but yep, easy for me, but silly too 


104 posts

Master Geek
+1 received by user: 40


  Reply # 2038998 17-Jun-2018 10:23
2 people support this post
Send private message

DamageInc:

 

Ok this leads me to my next question please - which password manager?

 

 

Lastpass works well on pretty well every platform I'm aware of, and it is managed online. I use this through all my browsers. Using Lastpass instead of in-browser management means that I don't have to start inputting all my passwords again if, in the future, I decide to switch from Firefox to Chrome, Vivaldi, Edge, etc.

 

Because I am the paranoid type, I also back up all passwords into Password Safe https://pwsafe.org/ where I can keep track of other notes, various details, etc. that need to be kept private.


BDFL - Memuneh
61508 posts

Uber Geek
+1 received by user: 12227

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2039005 17-Jun-2018 11:05
One person supports this post
Send private message

@DamageInc:

 

freitasm:

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Dam not a good result visiting the above links.

 

Do you use Authy as well as a password manager or just Authy?

 

 

I use LastPass on my browser and smartphone. Authy is a 2FA (SECOND FACTOR) so it's in addition to your password. 

 

I recommend Authy beause Google Authenticator doesn't do backup of your codes and you lose your phone or reset it, you are in trouble.

 

You can enable 2FA on Geekzone on your profile page.





3210 posts

Uber Geek
+1 received by user: 917

Trusted

  Reply # 2039031 17-Jun-2018 11:35
3 people support this post
Send private message

My setup is Keepass for everything, synched through dropbox - has an app for pretty much every platform I've come across. And 2FA where possible (though should really use it more)


1101 posts

Uber Geek
+1 received by user: 274


  Reply # 2039055 17-Jun-2018 12:52
Send private message

Password Gorilla seems to work well and the password files work in Linux and Windows.


xpd

Chief Trash Bandit
9055 posts

Uber Geek
+1 received by user: 1406

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 2039094 17-Jun-2018 13:15
Send private message

Mix of lastpass and keepass.

 

 





XPD / Gavin / DemiseNZ

 

For Free Games, Geekiness and Reviews, visit :

 

Home Of The Overrated Raccoons

 

Battlenet : XPD#11535    Origin/Steam/Epic/Uplay : xpdnz


31 posts

Geek
+1 received by user: 1


  Reply # 2039099 17-Jun-2018 13:26
Send private message

1Password here. More costly than others, but I like it better.

 

 


21534 posts

Uber Geek
+1 received by user: 4387

Trusted
Subscriber

  Reply # 2039114 17-Jun-2018 13:47
Send private message

Just be aware with password managers that not all sites have the same length limitations on the new user fields as the login fields, so you can set a password that it too long to be able to log in with again.

 

I tend to go for 16 characters or so most places. That should be accepted since that is something that is very easy for a person to type and remember. Going out to 64 is pretty pointless and breaks on many sites.





Richard rich.ms

mdf

1997 posts

Uber Geek
+1 received by user: 590

Trusted
Subscriber

  Reply # 2039116 17-Jun-2018 14:14
Send private message

I've posted these links before (they're 5 years old now), but these articles were my wake-up call to password security.

 

Nate Anderson, a journalist writing for Ars Technica with no particular password expertise, turned himself into a password cracker using consumer grade equipment and free software in the space of a dayExperienced password crackers can crack up to 90 per cent of passwords without breaking a sweat.

 

I use LastPass with 2FA enabled. Works across desktop browsing and mobile phones (much, much better on Android than iOS though). It doesn't work perfectly on 100% of websites, but I strongly suspect that's more to do with the website design than LastPass itself.


3104 posts

Uber Geek
+1 received by user: 766


  Reply # 2039125 17-Jun-2018 15:00
Send private message

Lastpass and Authy combo for me. 

 

I had been a paid customer of Lastpass (mobile app initially required a paid account), but found when the sub ended earlier this year I lost none of the functionality - so there's no need to pay anything if running both Lastpass and Authy (amongst various free options).  

 

OP - be mindful that iOS doesn't play wonderfully with Lastpass (like many such apps and iOS!), so you may have to sometimes manually copy across passwords from the Lastpass app into a login window when logging in (or alternatively you can use the built-in browser). There's no such issue with Android devices (for which the Lastpass window will usually pop up) or in a browser. 


 1 | 2 | 3 | 4
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.