Password APPs

[Murdochcat]

Anyone else getting their minds full up with remembering logins and passwords?

Just pondering getting a password app (for use with IOS and windows) and wondered if anyone has any experience of these / recommendations

Thanks

 

[freddiemercurystwin]

I use Password Safe Pro on my android phone. Does the job, I have 105 entries on ther so far, there's probably another few dozen old login details I probably ought to add but I do generally add anything new straight away now. No doubt some will argue they're not safe but what you gonna do otherwise?

 

[DiyNutJob]

I use notepad.exe. I enter site-name, user-name, and password. Then I save passwords.txt. I save this in an encrypted and password protected .vhd/.vhdx drive. I need one master password to get all other passwords.

 

[Mottie]

I use an app called keeper. Been using it for a fair few years. It’s a paid app, not too expensive but I’d be wary of anything keeping my passwords safe if it was free!

 

[SFK]

Suggestion .... If you are writing or storing your passwords, Write them with a common letter, that only you know, missing from the written down password.

For example
always put the letter e as second letter.
Or always put a pound at the end.
Or always start with a number..
And then always miss out that letter on your stored password list.

Sfk

 

[Wayners]

I use keepass and stored file is auto saved in Google drive.

Open on pc or phone

 

[mattylad]

When your looking be aware that Lastpass has been hacked several times and data stolen.
Lastpass is owned by Logmein.
So I'd steer clear of that one.

I did use lastpass but when they got bought out they more than doubled the price so I switched to Bitwarden, it has web, browser extension and apps for android and IOS.
With one of these apps you can set a single master password/phrase and then access all your secure data.
You can give each website a unique/different, long and difficult to crack password, no two sites need use the same password of your first cats name
You can also keep secure notes such as credit card pins etc.

When I get to a site I need to log into I just log into the extension with the single password then it will log me into the website I'm on, or I can pick one from my vault and go to it and log in.
It also enables me to keep notes with the site password page, very useful when a site asks you for other information, i.e. what colour underpants you wore on June 7th 1985 etc.

Whichever you choose, do some research into how others find it, has it been compromised etc.

 

[flameport]

When your looking be aware that Lastpass has been hacked several times and data stolen.

Also be aware the same can happen to any company where anything you enter into their software is transmitted or stored anywhere other than on your device.

All cloud enabled apps and services are insecure by default. Don't put anything there that you wouldn't want to be made public.

 

[foxhole]

I find a sentence made up of single characters easy to remember and can be easily modified to suit site requirements . Example
I 8 2 Q 4 A P 1 0 1
Where the 101 would have been my old door number .

 

[freddiemercurystwin]

Err OK, if you say so.

 

[Wayners]

I have to use a 16+ digit password with capital letters, numbers and special characters on my work laptop. The other problem is I needed to change it every 4 weeks. The number of passwords matching devices and accounts is crazy, as I have nearly 200 saved in my keepass account. I know people that can remember passwords and won't use any other method, but how they do that is a mystery.

 

[pcaouolte]

I have to use a 16+ digit password with capital letters, numbers and special characters on my work laptop. The other problem is I needed to change it every 4 weeks.

I think that these regular enforced password changes make the system less secure, people are much more likely to write down passwords if they have to change them regularly. If I walk around the office and open the top drawer of any desk I am very likely to find a notepad with passwords written on it, often with the last digit crossed out and increased by 1 in a long line.

 

[freddiemercurystwin]

Cobblers. If you're gonna be trusted with login details you need to take responsibility for keeping that password protected.

 

[DiyNutJob]

I have to use a 16+ digit password with capital letters

My rented linux server root password looks something like this:

76e4e1cdf9bf04ecc10c276d3fe9c6cc

Even so, only my IP address is allowed to use it. To notify the server of my dynamic IP, I use a custom http protocol, and send proprietary encrypted (I assume https is compromised), challenged and verified parameters like this:

{https://my-url}
b=W2nhTBHpFPWFXcROgolo3rhNrrapZrfi1RQatvmDgdN5W7+803Fp/C9nUD59LtScYjk0hgwQlnZgRNjO6D3ReBRLVnyntS2OPhvXfibC6xo+++jcc3ngn2EOjTWexQvnQGKEhBGssmw6fM30J0suf6qMqPoXm93Eu34ZsTKXLujMej5gD7DyOMb42tFfNxXWdMbOar6cBcqQo2j+xGHSLlaBOEdCOxcryNapVyzZBJJB6sRvHoxvDUkzKDWt3eWENTbOPrZqM9rcdztTvzk5b0gr+fu9BDVVCkh+N7jPrGc9ZDfxu1ciiNXOLSWNzeQ+SMMU4IuE4aSy6ZYMGiU0TA==&c=ABC

Needless to say, I have no idea what's going on since I put that in place. Google and their script kiddies have real trouble breaking through.

 

[FunkMaster]

I use LastPass … family subscription and have been with them for years.

The most important password generally is your email account these days as with access to that, most other passwords can be reset.

But where it exists, I add 2FA and use Authy for that or a text message.

Nothing is perfect in the digital world as if there is a need it can be breached; it’s just an investment of time thing.