Lost email password.

These password managers seem like a good idea but what if your actual laptop/computer get stolen?
A 'reasonable' hacker should be able to get into your pc and use your PM to access your accounts surely?
If you want to change your password you need to put the original one in as confirmation before selecting a new one. So unless you have them written down somewhere else you are going to have difficulty changing them quickly when you get a replacement PC.
 
Sponsored Links
SirGalahad said:
Well even if the data is encrypted if someone gets acess to it - they can spend as long as they like cracking it with rainbow tables. Some salt n pepper goes a long way. :mrgreen:
Argon ftw!
Click to expand...
If they did it properly, which depressingly isn't always. They should only be storing the salted hash, which always makes me peckish.
 
Last edited:
conny said:
These password managers seem like a good idea but what if your actual laptop/computer get stolen?
A 'reasonable' hacker should be able to get into your pc and use your PM to access your accounts surely?
If you want to change your password you need to put the original one in as confirmation before selecting a new one. So unless you have them written down somewhere else you are going to have difficulty changing them quickly when you get a replacement PC.
Click to expand...
The password manager should be locked with a very good password, I agree with the concept of pass phrases rather than passwords, but I'll call them passwords for now. A very good password is nearly impossible to crack even if you have the computer in your hands. So someone steals your computer, takes the Hard drive out, opens up your disk and finds an encrypted password manager file. That file should be utterly useless to them.

My password manager is stored in the cloud, so it doesn't matter if the PC is lost, that useless encrypted file that only I can open is still there for me on one of my other devices.

Writing things down on paper is just an old fashioned password manager. One that's much easier for someone who breaks into your house to steal along with your PC.

https://www.useapassphrase.com/

Security is a balance between risk and cost. Too much security and it's too hard to use, too little and you can have people buying stuff off the internet with your card details. The trick is to find the most effective, but least awkward, ways to be secure.
 
IT Minion said:
The password manager should be locked with a very good password, I agree with the concept of pass phrases rather than passwords, but I'll call them passwords for now. A very good password is nearly impossible to crack even if you have the computer in your hands. So someone steals your computer, takes the Hard drive out, opens up your disk and finds an encrypted password manager file. That file should be utterly useless to them.

My password manager is stored in the cloud, so it doesn't matter if the PC is lost, that useless encrypted file that only I can open is still there for me on one of my other devices.

Writing things down on paper is just an old fashioned password manager. One that's much easier for someone who breaks into your house to steal along with your PC.

https://www.useapassphrase.com/

Security is a balance between risk and cost. Too much security and it's too hard to use, too little and you can have people buying stuff off the internet with your card details. The trick is to find the most effective, but least awkward, ways to be secure.
Click to expand...

There is always one solution...get rid of the users. :p
 
Sponsored Links
If the Pentagon and British security services can be hacked I'm sure it won't be too long before someone cracks the 'cloud'.
Whether you will get to hear about it is another matter.
 
conny said:
If the Pentagon and British security services can be hacked I'm sure it won't be too long before someone cracks the 'cloud'.
Whether you will get to hear about it is another matter.
Click to expand...
It's all a trade off, the only secure computer is one in a nuclear silo with multiple backup power supplies that isn't connected to the internet and is turned off. Pretty useless for me to do my online banking.
 
conny said:
If the Pentagon and British security services can be hacked I'm sure it won't be too long before someone cracks the 'cloud'.
Whether you will get to hear about it is another matter.
Click to expand...

https://www.f5.com/labs/articles/th...art-2--breach-highlights-for-the-past-3-years

All breaches need to be reported to the ICO, but once we are out of the EU and you are a UK citizen then that might be watered down. As a EU citizen UK companies will still need to abide by GDPR regs.

So it will be UK citizen data protection on the whim of the ICO office vs EU citizens data protected under GDPR.
 
IT Minion said:
It's all a trade off, the only secure computer is one in a nuclear silo with multiple backup power supplies that isn't connected to the internet and is turned off. Pretty useless for me to do my online banking.
Click to expand...

But you would have a nuclear silo... Come on that's gotta be worth a talking point or two. :mrgreen:
 
You must log in or register to reply here.
Sponsored Links

Similar threads

C
Forgotten email password.
Replies
3
Views
729
conny
C
I
Garmin website login problem
Replies
3
Views
685
imamartian
I
F
xp password recovery
2
Replies
15
Views
2K
Mickymoody
M
C
Harrasment through Facebook and text advice needed
Replies
4
Views
842
John506
J
Mikefromlondon
How about an Apps for Deaf people for smart phone!
2
Replies
27
Views
1K
Mikefromlondon
Mikefromlondon
Back
Top