Password managers

Lady Fitzgerald · 29 Jan 2016

Thanks!

ThrashZone · 29 Jan 2016

Well I hope you write them down instead of remembering them John :)

z3r010 · 29 Jan 2016

ThrashZone said:

Well I hope you write them down instead of remembering them John :)

I bought 3 yubikeys just to be sure

ThrashZone · 29 Jan 2016

Is that a new pen :)

Callender · 29 Jan 2016

Lady Fitzgerald said:

Thanks for sharing your experiences with password managers, Chris. I would rep you but I need to spread it around more (mutter, mutter, mumble, mumble).

No worries!

RE: LastPass hack.

There's been no problem with it unless you used the same password for other sites as your LastPass master password - then you'd need to change passwords for any affected sites. Only LastPass master passwords were obtained and not the individual passwords stored and used to access other sites.

HAVOC · 29 Jan 2016

I've been using LastPass for a couple months (the paid version, so I can use the mobile version, 1$ a month). I really like the password generator.
There are some sites that I can't get to work (my bank). I just remember the login/password for those.

z3r010 · 29 Jan 2016

Your bank is a site where you should tell it to go away and you will be responsible for the password yourself.

HAVOC · 29 Jan 2016

How about saving the Lastpass login info to a .csv (Excel file), is that safe?
I used to save login info to a text file

I have since changed all my passwords using Lastpass.

ICIT2LOL · 29 Jan 2016

Callender said:

I've used LastPass and Dashlane.

Dashlane was fairly resource hungry and although I liked it - after they upgraded to a new version it started capturing credit card details for every transaction that I processed through my workplace's shopping cart (customer details) and I could not find a way to disable it on a per site basis. Maybe they fixed that but I haven't used it since then.

On the plus side I did like Dashlane Courier - send encrypted secure notes that self destruct after the recipient viewed them. Very good.

LastPass: Currently I use it to log into many sites where security isn't an issue.

That means:

No duplicate password that is used for more than one site.
No password saving for internet banking or email accounts.

Note: LastPass has been hacked a few times:

https://blog.lastpass.com/2015/06/la...y-notice.html/

What that means is that if you use it keep an eye out for emails from them and also keep an eye on security news.

So far only master passwords have been compromised and the only action needed was to change your master password. Your saved passwords for websites were not compromised.

1Password:

Never used it. It seems that you must download the desktop app and install it (like Dashlane)

I guess for that reason I'll stick with LastPass (browser extension)

Thanks for the heads up Chris it looks like I shall be trying the LastPass then it seems to make a lot of sense to me.

Just one thing what did you think of my comment on making it portable??

Edit Again I would rep but seems a spread around job

Callender · 29 Jan 2016

ICIT2LOL said:

Thanks for the heads up Chris it looks like I shall be trying the LastPass then it seems to make a lot of sense to me.

Just one thing what did you think of my comment on making it portable??

I haven't used the portable LastPass but from what I'm reading:

The portable USB thumb drive version requires a portable browser installed.

I just tested the other option - Lastpass Pocket and basically it's just a way to store your data. There's an option to easily show/ hide passwords that requires your master password. All you do is run the executable.

If you want to see plain text passwords it requires your master password.

You can keep data locally or get it from your Lastpass online account.

I see they do indeed offer a desktop app. Personally I'm happy with the LastPass browser extension.