Storing Passwords?

Page 3 of 4 FirstFirst 1234 LastLast

  1. Posts : 10,485
    W7 Pro SP1 64bit
       #21

    Layback Bear said:
    If you don't have passwords on your computer they can't be hacked.
    Not true in all cases. If I were to write on a Rolodex card in a location that my laptop's camera could see, then a hacked camera could steal that password.

    Not a hack, but as you know: writing on a pad can leave info on the next sheet. I've found some interesting info on hotel pads.
      My Computer


  2. Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       #22

    That is surly one thing I didn't think of for computer security.

    Not a hack, but as you know: writing on a pad can leave info on the next sheet. I've found some interesting info on hotel pads.
      My Computer


  3. Posts : 657
    Windows 10 Pro
    Thread Starter
       #23

    Okay so i have keepass 2 in my laptop and also have it saved it to a usb. My issue though now is how do i input this same keepass 2 program to my iphone 4s? Thus all the passwords i have in my keepass 2 are very long thus generated by keepass itself. I cannot log into any of my email accounts etc b/c i cant just copy and paste the username/password from my laptop or usb to it. Can someone tell me how i can do this?

    Apparently theres a mini-keepass program for the iphone but is it the same or not same thing? I can't imagine you guys manually typing each password into mini keepass on the iphone so how are you guys doing this?

    How do you copy the file from desktop version of keepass to the phone? I just copied and then clicked paste on my iphone in my computer and that doesn't work at all... shows error.


    I read online that i could download dropbox to do this though? I downloaded dropbox then put the keepass2.0 on it. Then i downloaded dropbox on iphone4s, then signed on... then i see the 2kb of the keepass there. However, how do i get it to minikeepass? It shows file is not viewable. I clicked on open file in ... then it give me option of only google drive. So im confused why this is happening.
      My Computer


  4. Posts : 657
    Windows 10 Pro
    Thread Starter
       #24

    Anyone with keepass2.0 can explain how to get it to work on iphone? Not sure why there is error.
      My Computer


  5. Posts : 1,839
    Windows 7 pro
       #25

    paulyjames said:
    Anyone with keepass2.0 can explain how to get it to work on iphone? Not sure why there is error.
    It might help to know the error.
      My Computer


  6. Posts : 10,485
    W7 Pro SP1 64bit
       #26

    logicearth said:
    I will make this clear. I don't care what you use to secure your passwords. I recommend Lastpass because the folks behind it take security seriously, they are up front and open with every issue. They dont wait weeks to fix it.
    Perhaps those using this service should at least change their master password:
    https://www.sevenforums.com/security-...-password.html
      My Computer


  7. Posts : 5,642
    Windows 10 Pro (x64)
       #27

    UsernameIssues said:
    Perhaps those using this service should at least change their master password:
    https://www.sevenforums.com/security-...-password.html
    If you want to. But that is not needed. Your Master password does not reside on the Lastpass servers an attacker would never get it by attacking them.
      My Computer


  8. Posts : 10,485
    W7 Pro SP1 64bit
       #28

    The hash of your master password resides on their end.
    The salts reside on their end.
    Both appear to have been exposed.

    Sure, it is unlikely that the hash can be turned back into a password...
    ...but, I would not say never.

    Perhaps I'm reading things wrong, but LastPass seems to want users to change their master password...
    We will also be prompting all users to change their master passwords.
    ...as does Krebs, Sophos and every other article that I read.
      My Computer


  9. Posts : 318
    Windows 10 x64
       #29

    If LastPass seems risky, just use KeePass.
      My Computer


  10. Posts : 5,642
    Windows 10 Pro (x64)
       #30

    UsernameIssues said:
    The hash of your master password resides on their end.
    The salts reside on their end.
    Both appear to have been exposed.
    What resides on their end is an authentication hash that is made in-part with your password but it goes though so many iterations you cannot get your master password from it. It goes though thousands of iterations on the client side before sending to Lastpass. It then goes though several more iterations before being stored. The sole purpose of that authentication hash is just to say "yes you are the owner of this data." An attacker cannot use it to decrypt your data or to your account.

    Of course you can read all about in the Lastpass blog.

    And btw, the salt is just for their end on storing the authentication hash. Overkill but still adds some strength to the stored hash.


    Sure, it is unlikely that the hash can be turned back into a password...
    ...but, I would not say never.
    Is it never. It is mathematically impossible, that is not even a debate. It goes though so many iterations it can never be turned back to the source material.

    You can read more about the iteration mechanism they are using here: https://en.wikipedia.org/wiki/PBKDF2

    Perhaps I'm reading things wrong, but LastPass seems to want users to change their master password...
    We will also be prompting all users to change their master passwords.
    ...as does Krebs, Sophos and every other article that I read.
    Of course they would say that, it is a smart thing to say. But doesn't mean it is necessary.

    You can add even more security to your account by adding multifactor authentication to the mix as well. I bought a Yubikey and a subscription to Lastpast just for that.
      My Computer


 
Page 3 of 4 FirstFirst 1234 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 18:53.
Find Us