Re: Password manager

I use 'Keypass2' on my Linux laptop. It's very handy.



Jim

Re: Password manager

Thanks for the link Jim,,

How does that work when using several internet machines, ie 2 computers, Ipad and IPhone...

Re: Password manager

Regarding keepass. I use it at work and at home and its a really useful program

The hyperlink and Autotype feature is really useful at work when people come asking for support on systems I can click on a link in keepass and then autotype the username/password (which is very configurable if the webpage needs it) and neither have appeared on the screen when someone is standing behind me

I also use the password generator thereby using strong individual passwords on just about every system

Regarding sharing it the database can be stored as a file in a dropbox/onedrive etc folder and accessed through different versions which are available for droid/ipad etc. I have to say I don't use it on my phone I just keep a separate database as there are very few passwords I need on my phone compared to the literally 100 or so I have on each of my work and my home PC

regards
Andy

Re: Password manager

Passwords are one of my pet aversions. In spite of taking care to record them I inevitably get locked out of something every once in a while.

Presently I have a serious issue on my Samsung's opening screen with the Gmail notification, "Sign-in failed" accompanied by very annoying periodic double pings, in spite of the fact that my sign-in was successful. This happened after changing my Gmail password for security reasons when I returned the Sony phone to the store for refund or replacement.

I've not been able to block the pinging notification in spite of having checked all the appropriate settings. I've also emailed Google for a solution - it may be a long wait. Meanwhile to minimise the annoyance I've had to set my sounds to "vibrate" and hope I don't miss a call. Hope springs eternal!

When I'm asked for a password, like Hermann Goring, I reach for my revolver!

Re: Password manager

I use iPassword, free from Apple. Only have to remember one password.

Re: Password manager

Another vote for KeePass. It's free and open source. I use it on desktop, laptop and Android phone. The database is kept in OneDrive.

Re: Password manager

I keep the database on my laptop, but really ought to save it in a cloud account. I've tried saving it in my Google Drive account but am having problems.

I'm using the form:



With my account name and password, but the program locks up and eventually times out.

Jim

Re: Password manager

I use the venerable old Password Safe, a tad geeky but very secure.

And yes, it makes the passwords gobbledygook. That's rather the point!

Did you know that if you have a sign-on for a site, say Amazon, and they are storing the password properly then it is mathematically impossible for anyone (including you and hackers) to work out the password systematically from the stored "mangled" version. All you can do is supply a password and see if it's correct. It's all rather neat.

Re: Password manager

I'm now using 'grive' (a command line utility. 'Real Men' don't use a gui!) set up with a cron task to run every day in the evening. Looks OK so far.

Jim

Re: Password manager

I use SplashId Safe.

This is stored in the cloud using 256 bit Blowfish encryption and has the big benefit of working across PC, laptop and Android phone and because it syncs instantly, assuming you have web access at the time of course, any changes on any device are immediately available on another device. There is also an IOS version I believe. I've been using for many years and as I've swapped platforms on phones etc. it has meant I always have access to all my UID/PW information whatever I am using.

If you are averse to the cloud this version will not be for you but given the nature of the encryption I regard any risk as less than storing, say, on my phone which I could easily lose and hence I could be hacked. That's very much a subjective view of course.


Hec

Re: Password manager

I use KeePass on desktop and Android phone, too. I use an app (myphoneexplorer) to manually keep the desktop and phone in sync.

I don't use the cloud to store the database as, although very secure, nothing is 100% secure and sending my passwords over the internet, even encrypted, doesn't seem worth the risk.

Re: Password manager



But whenever you use a password on an external site, it's sent over the Internet!

Jim

Re: Password manager

But that's just one password (that is sent encrypted if the web site is configured correctly). Storing a password database in the cloud would potentially put every password I use open to attack.

Re: Password manager

I would be rather sceptical of that security, John. The US government decreed that no encryption is to be so secure that they can't break into it, and since all internet traffic has to go via the USA at some point, it's either comply or be blocked. OK, one could perhaps say it doesn't matter if a government agency like that does gain access, but if they can, hackers are likely to be able to.

There's a point that I've made elsewhere about data that you wish to keep secure: there's nothing as secure as a removable piece of media that isn't connected! Could be a DVD, CD, memstick; when it's not in the computer, no-one can access it. And if you limit the time when it is connected to the absolute minimum, it's pretty damn secure. It's like the only truly secure encryption still is the old one-time pad. Use it once, discard the page. (For those who don't know what a one-time pad is, it's a system whereby the encryption code is unique on each page of a tear-off pad; the sender and receiver have one each, and once used, each tears off the page and destroys it. That is uncrackable, for all practical purposes.)