Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




269 posts

Ultimate Geek
+1 received by user: 13

Subscriber

Topic # 237759 17-Jun-2018 09:25
Send private message

Good morning,

 

What are your thoughts on password management?

 

Single password for all sites vs a random password for every login?

 

Password manager - yes or no?

 

Password manager vs browser based password management?

 

Have a great day





Windows 10 Pro - Ubuntu 18.10 - DJI Mavic Air


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4
276 posts

Ultimate Geek
+1 received by user: 100


  Reply # 2038980 17-Jun-2018 09:35
2 people support this post
Send private message

I don't see any reason for not using a password manager and long random unique passwords.


BDFL - Memuneh
62728 posts

Uber Geek
+1 received by user: 13407

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2038982 17-Jun-2018 09:41
11 people support this post
Send private message

You should never, ever use a single password for all sites. There's a thing called credential stuff, where bots will be used to try leaked email/passwords in other websites - and the chance of this hitting gold is pretty high if you reuse passwords.

 

Yes to password managers, not browsers. If using password managers then try using long passwords generated by the app. Use 2FA wherever available. Authy for 2FA since it synchronises between desktop and mobile devices so if you reset your smartphone you're not locked out of services.

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 





 
 
 
 


4251 posts

Uber Geek
+1 received by user: 2429

Trusted
Lifetime subscriber

  Reply # 2038983 17-Jun-2018 09:44
Send private message

Password manager for sure

John



269 posts

Ultimate Geek
+1 received by user: 13

Subscriber

  Reply # 2038988 17-Jun-2018 10:11
Send private message

freitasm:

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Dam not a good result visiting the above links.

 

Do you use Authy as well as a password manager or just Authy?





Windows 10 Pro - Ubuntu 18.10 - DJI Mavic Air




269 posts

Ultimate Geek
+1 received by user: 13

Subscriber

  Reply # 2038990 17-Jun-2018 10:12
Send private message

Ok this leads me to my next question please - which password manager?





Windows 10 Pro - Ubuntu 18.10 - DJI Mavic Air


15358 posts

Uber Geek
+1 received by user: 2984
Inactive user


  Reply # 2038995 17-Jun-2018 10:17
Send private message

freitasm:

 

You should never, ever use a single password for all sites. There's a thing called credential stuff, where bots will be used to try leaked email/passwords in other websites - and the chance of this hitting gold is pretty high if you reuse passwords.

 

Yes to password managers, not browsers. If using password managers then try using long passwords generated by the app. Use 2FA wherever available. Authy for 2FA since it synchronises between desktop and mobile devices so if you reset your smartphone you're not locked out of services.

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Im guilty.....  But yes, I know. Ive been slowly appending a clue word to a random characterset to minimise forgetting them, and using Apple's password manager. Keychain.

 

Guilty as charged, but yep, easy for me, but silly too 


159 posts

Master Geek
+1 received by user: 74


  Reply # 2038998 17-Jun-2018 10:23
2 people support this post
Send private message

DamageInc:

 

Ok this leads me to my next question please - which password manager?

 

 

Lastpass works well on pretty well every platform I'm aware of, and it is managed online. I use this through all my browsers. Using Lastpass instead of in-browser management means that I don't have to start inputting all my passwords again if, in the future, I decide to switch from Firefox to Chrome, Vivaldi, Edge, etc.

 

Because I am the paranoid type, I also back up all passwords into Password Safe https://pwsafe.org/ where I can keep track of other notes, various details, etc. that need to be kept private.


BDFL - Memuneh
62728 posts

Uber Geek
+1 received by user: 13407

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2039005 17-Jun-2018 11:05
One person supports this post
Send private message

@DamageInc:

 

freitasm:

 

Visit https://haveibeenpwned.com/ to check if your email's leaked and https://haveibeenpwned.com/Passwords to check if your password has leaked. 

 

 

Dam not a good result visiting the above links.

 

Do you use Authy as well as a password manager or just Authy?

 

 

I use LastPass on my browser and smartphone. Authy is a 2FA (SECOND FACTOR) so it's in addition to your password. 

 

I recommend Authy beause Google Authenticator doesn't do backup of your codes and you lose your phone or reset it, you are in trouble.

 

You can enable 2FA on Geekzone on your profile page.





3264 posts

Uber Geek
+1 received by user: 972

Trusted

  Reply # 2039031 17-Jun-2018 11:35
3 people support this post
Send private message

My setup is Keepass for everything, synched through dropbox - has an app for pretty much every platform I've come across. And 2FA where possible (though should really use it more)


1299 posts

Uber Geek
+1 received by user: 338


  Reply # 2039055 17-Jun-2018 12:52
Send private message

Password Gorilla seems to work well and the password files work in Linux and Windows.


xpd

Chief Trash Bandit
9371 posts

Uber Geek
+1 received by user: 1563

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 2039094 17-Jun-2018 13:15
Send private message

Mix of lastpass and keepass.

 

 





XPD / Gavin / DemiseNZ

 

Server : i3-3240 @ 3.40GHz  16GB RAM  Win 10 Pro    Workstation : i5-3570K @ 3.40GHz  16GB RAM  RX580 4GB Win 10 Pro    Console : Xbox One

 

https://www.xpd.co.nz - Games, geeks, and more.    


36 posts

Geek
+1 received by user: 2


  Reply # 2039099 17-Jun-2018 13:26
Send private message

1Password here. More costly than others, but I like it better.

 

 


21929 posts

Uber Geek
+1 received by user: 4607

Trusted
Subscriber

  Reply # 2039114 17-Jun-2018 13:47
Send private message

Just be aware with password managers that not all sites have the same length limitations on the new user fields as the login fields, so you can set a password that it too long to be able to log in with again.

 

I tend to go for 16 characters or so most places. That should be accepted since that is something that is very easy for a person to type and remember. Going out to 64 is pretty pointless and breaks on many sites.





Richard rich.ms

mdf

2164 posts

Uber Geek
+1 received by user: 665

Trusted
Subscriber

  Reply # 2039116 17-Jun-2018 14:14
Send private message

I've posted these links before (they're 5 years old now), but these articles were my wake-up call to password security.

 

Nate Anderson, a journalist writing for Ars Technica with no particular password expertise, turned himself into a password cracker using consumer grade equipment and free software in the space of a dayExperienced password crackers can crack up to 90 per cent of passwords without breaking a sweat.

 

I use LastPass with 2FA enabled. Works across desktop browsing and mobile phones (much, much better on Android than iOS though). It doesn't work perfectly on 100% of websites, but I strongly suspect that's more to do with the website design than LastPass itself.


3404 posts

Uber Geek
+1 received by user: 883


  Reply # 2039125 17-Jun-2018 15:00
Send private message

Lastpass and Authy combo for me. 

 

I had been a paid customer of Lastpass (mobile app initially required a paid account), but found when the sub ended earlier this year I lost none of the functionality - so there's no need to pay anything if running both Lastpass and Authy (amongst various free options).  

 

OP - be mindful that iOS doesn't play wonderfully with Lastpass (like many such apps and iOS!), so you may have to sometimes manually copy across passwords from the Lastpass app into a login window when logging in (or alternatively you can use the built-in browser). There's no such issue with Android devices (for which the Lastpass window will usually pop up) or in a browser. 


 1 | 2 | 3 | 4
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic


Donate via Givealittle


Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Huawei introduces the HUAWEI Watch GT to New Zealand
Posted 27-Mar-2019 11:09


Huawei unveils the P30 series
Posted 27-Mar-2019 05:13


Kordia announces recipient of inaugural Women in Technology Scholarship
Posted 26-Mar-2019 22:48


T&G Global and Abundant Robotics show first commercial robotic apple harvester
Posted 26-Mar-2019 21:34


Amazon introduces new Kindle with adjustable front light
Posted 21-Mar-2019 20:14


A call from the companies providing internet access for the great majority of New Zealanders, to the companies with the greatest influence over social media content
Posted 19-Mar-2019 15:21


Two e-scooter companies selected for Wellington trial
Posted 15-Mar-2019 17:33


GeForce GTX 1660 available now
Posted 15-Mar-2019 08:47


Artificial Intelligence to double the rate of innovation in New Zealand by 2021
Posted 13-Mar-2019 14:47


LG demonstrates smart home concepts at LG InnoFest
Posted 13-Mar-2019 14:45


New Zealanders buying more expensive smartphones
Posted 11-Mar-2019 09:52


2degrees Offers Amazon Prime Video to Broadband Customers
Posted 8-Mar-2019 14:10


D-Link ANZ launches D-Fend AC2600 Wi-Fi Router Protected by McAfee
Posted 7-Mar-2019 11:09


Slingshot commissions celebrities to design new modems
Posted 5-Mar-2019 08:58


Symantec Annual Threat Report reveals more ambitious, destructive and stealthy attacks
Posted 28-Feb-2019 10:14



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.