Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Password managers vs. Manual password management

15 Sep 2016   #1
WindowRobin

Windows 7 Home Premium 32bit
 
 
Password managers vs. Manual password management

I've been thinking about the use of password managers lately and wondering whether it's worth exploring an alternative.

The problem, as I see it, is with having one master password - I know this is supposed to be kept securely by the developers, but I've heard of several security scares in the last few years. Of course, this is much more secure than simply using the same password everywhere, but if hackers were able to gain access to people's master passwords, surely it would be a goldmine for them and disatrous for everyone else! Even if the master passwords are well protected, this is possible, right?

Back to the alternative... what do you think about the possibility of devising a new unique password each time, writing it down, and physically guarding it. However, this would just be for the accounts you deem most vital, so a password manager could still be used for less important accounts. I know it sounds inconvenient, and I suppose it would only work if you're not prone to losing things, but could be a viable option?


My System SpecsSystem Spec
.
15 Sep 2016   #2
fireberd

Windows 10 64 bit
 
 

With all the available password manager programs/apps around I often wonder if any of them have any "backdoors" that send your personal info to somewhere. Maybe I'm just paranoid but I keep my passwords list off line and wouldn't consider a password manager program.
My System SpecsSystem Spec
15 Sep 2016   #3
WindowRobin

Windows 7 Home Premium 32bit
 
 

Exactly, it's always a little disconcerting to have the key to so much sensitive information in one place. I was reading this earlier, mainly to get an idea of what each password manager offers, but then I noticed right the "Residual Risk" heading...:
"Further challenges include a certain dependency on already-prepared data bases as well as the fact that local installations only allow password managers to be used on private computers. Options involving cloud functions are also associated with higher risk."

Seems like a pretty big deal really. Either you go with a locally installed password manager, which sounds far less convenient, or you go for the cloud and risk being the target of a hack. Not ideal! Can someone tell me if I'm missing something here?
My System SpecsSystem Spec
.

15 Sep 2016   #4
Bambinoo

Windows 7 Pro 32bit
 
 

I'm with fireberd on this..been doing it that way forever!

I personally use Excel, but there are numerous other options.

Lee
My System SpecsSystem Spec
16 Sep 2016   #5
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

None of my passwords are kept on my computers or on any site with a program.
I use a old fashion Rolodex. The Rolodex sits on my desk within easy reach.

Rolodex Open Rotary Business Card File with 200 2 5 8" x 4"Cards Purple 1819543 | eBay
My System SpecsSystem Spec
16 Sep 2016   #6
Mellon Head

Win 7 Pro x64/Win 10 Pro x64 dual boot
 
 

I use a manual system (in my head), and occasionally written down away from the computer.

I don't trust password managers. I think that they are too easy to hack. All it takes is one accidental keylogger to snag my master password and all of my passwords are compromised.

A pencil and some paper is the best defense.
My System SpecsSystem Spec
16 Sep 2016   #7
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

I personally have never had a pencil or paper hacked. When I upgraded to pen; still no hacks.
Maybe I'm just lucky.
My System SpecsSystem Spec
17 Sep 2016   #8
Mellon Head

Win 7 Pro x64/Win 10 Pro x64 dual boot
 
 

Quote   Quote: Originally Posted by Layback Bear View Post
I personally have never had a pencil or paper hacked. When I upgraded to pen; still no hacks.
Maybe I'm just lucky.
Or you use a good anti-malware on that paper.
My System SpecsSystem Spec
18 Sep 2016   #9
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by Layback Bear View Post
I personally have never had a pencil or paper hacked. When I upgraded to pen; still no hacks.
Maybe I'm just lucky.
Paper works for many people. It would not work for me (and many others). In this old post, I mention that I had just under 400 accounts/passwords to keep up with. I checked before making this post and I'm now closer to 300 accounts/passwords.

The KeePass database is electronically searchable - which is the only way that I can find some accounts. A lot of those passwords are related to those that I support. e.g. I use KeePass to generate a unique/long password for TeamViewer access.

One man that I support uses pen/paper to track account credentials.
His list has never been hacked :-)
His home office burned to the ground :-(
His list was in a "fireproof" safe :-)
His list burned up anyway :-(

A woman that I support was near Katrina. She moved far from there and decided to keep important stuff in a small fire/water resistant safe. That is where her paper password list was when a tornado took the roof off of her 3rd story apartment. She never found that safe. If someone else found it (and got it open), they had lots of important info. We tried to change the passwords on her accounts, but she could never be sure that she remembered every account on that list.

While a fire/tornado event is rare, losing the paper list is not that rare among the elderly that I support. Also, my "clients" have told me that they changed the password on an account and failed to write it down or wrote it down wrong or could not read what they wrote. Whatever happened, they could not get in to a particular account. Systems like KeePass create/save the new password and make a backup of the old password. Sometimes, a password change does not go thru and you need to know/try the old password.

The KeePass encrypted database is a local file, but I back it up to an encrypted online storage provider. Yes, an employee of the online storage provider could get to my KeePass file - then spend years attempting to get into the file.

Back doors into apps are hard to keep secret when there are millions of users of that app. People sell such valuable secrets and buyers greedily use the "secret" over and over and over. Once that happens, the secret is out.



Quote   Quote: Originally Posted by WindowRobin View Post
The problem, as I see it, is with having one master password - I know this is supposed to be kept securely by the developers, but I've heard...
There is no master password like that to KeePass (unless there is a secret back door). You pick your own master password to unlock your KeePass database*. Yes, a lot is riding on that password - but consider this: most online account passwords can be reset via e-mail. The password to your e-mail account becomes a master password for all of your other accounts. [Which is why I have lots of different/active e-mail accounts.]

*You can have multiple KeePass databases with different master passwords (e.g. not all of your eggs in one basket). Have the name of the shortcut to each database include a tiny (one character) password hint and maybe a hint as to its contents. For example: P9 could be the shortcut name to the KeePass database that holds credit card account info. The P is for plastic. Plastic being slang for credit cards. 9 might not be enough to help you with a master password, but it works for me.
My System SpecsSystem Spec
18 Sep 2016   #10
margrave

Size 12
 
 

I, too, have been using KeePass. The UI could stand some improvement, but it otherwise works well.
My System SpecsSystem Spec
Reply

 Password managers vs. Manual password management




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Password managers
I came across this this morning Password Managers Compared: LastPass vs KeePass vs Dashlane vs 1Password and I am wondering if I should be using something like the first one listed because it is free and I am never really sure of passwords as there always seems to be so many. Any thoughts and...
Software
What is 'best practice' for password management?
Hi What is the 'best practice' for managing one's passwords? A) HOW SHOULD I STORE PASSWORDS? Problems: 1. I need to manage a fairly large number (i.e. 50+). So there are too many to remember. 2. Obviously I don't want to keep them inside a simple unencrypted text file, in case my data...
General Discussion
Trouble resetting password in Windows Mail to new server password
Hi, I recently suffered a trojan virus attach and ultimately have changed my password on my email server. I have tried to reset it to the new password in Windows mail multiple times. It keeps reverting to the old password as the saved password, and I continually have to retype in the new...
Browsers & Mail
How to configure advance password management in XP mode?
I run XP mode on Windows 7 pro. The XP mode VM reports: Windows XP Professional Version 5.1 (Build 2600.xpsp_sp3_gdr.111025-1629 : Service Pack 3) Now the problem I have is that managing user accounts from the control panel is missing some standard XP functionality. The User Accounts...
Virtualization


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:44.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App