boots11234
Footballguy
I'm looking for an app or something to use to be a repository for all my PW"s used for my online sites. I'd prefer something free but willing to pay if its good. What do you all use or recommend?
So that means if footballguys, or any other web site you use got hacked, once your password gets leaked onto the internet, all someone has to do is replace “footballguys” with the name of the web site they’re trying to log into with your credentials, and they’re in? If so, it sounds no more secure than just using the same password everywhere.Got mine listed out in an electronic document. I have recently started a new password system that I hope allows me to remember my passwords better. I have a certain letter sequence and a certain number sequence that I know I will never forget and use in all my passwords. I then sandwich the website or app name in between which should be obvious when I am logging in. This makes all my passwords unique, but with a common template. So my Footballguys password is essentially the following: lettersequencefootballguysnumbersequence. If the account requires a symbol in the password, I use a particular symbol that I throw on the end.
Password Safe is a free, open source tool that my IT security folks at work recommend.I'm looking for an app or something to use to be a repository for all my PW"s used for my online sites. I'd prefer something free but willing to pay if its good. What do you all use or recommend?
Really not a good idea.A password protected excel doc. Lord help me if I ever forget that password.
If someone hacks into my work network then c'est la'vie. The doc is saved there and I don't access it anywhere but my office. I'll add password safe to the to do list though.
This is what I use.I use a sheet of paper. Good luck hacking that.
Yep. Typed em all out on a spreadsheet, printed it, and didn’t save the file. Repeat every couple of years as passwords change or accounts added.I use a sheet of paper. Good luck hacking that.
My method is very similar. Besides the bolded*, I add characters, but not whole words, that indicate the type of business and name. Upper case and special characters are added when required.Got mine listed out in an electronic document. I have recently started a new password system that I hope allows me to remember my passwords better. I have a certain letter sequence and a certain number sequence that I know I will never forget and use in all my passwords. I then sandwich the website or app name in between which should be obvious when I am logging in. This makes all my passwords unique, but with a common template. So my Footballguys password is essentially the following: lettersequencefootballguysnumbersequence. If the account requires a symbol in the password, I use a particular symbol that I throw on the end.
Agreed to an extent.So that means if footballguys, or any other web site you use got hacked, once your password gets leaked onto the internet, all someone has to do is replace “footballguys” with the name of the web site they’re trying to log into with your credentials, and they’re in? If so, it sounds no more secure than just using the same password everywhere.
I use 1Password, works well, worth the nominal cost.
Lastpass
https://xkcd.com/936/My friend that works for IBM recently told me that security is telling them the most important thing about a password is length. Special characters, numbers, capital letters aren't nearly as important as length. They recommended making it a sentence or something. All the shorter ones are broken easier with brute Force. When quantum computing comes we are all screwed.
How do you do this when one site requires a special symbol and another will not accept a spec!@l symbol?I use the same password for everything, but I add the first and last letters of whatever website I'm using.
(However, one flaw in my system is that when a company changes its name or gets bought out, it can be difficult to remember exactly what their old website used to be.)
I replace the symbol with the number associated with it on the keyboard.How do you do this when one site requires a special symbol and another will not accept a spec!@l symbol?I use the same password for everything, but I add the first and last letters of whatever website I'm using.
(However, one flaw in my system is that when a company changes its name or gets bought out, it can be difficult to remember exactly what their old website used to be.)
may give that a look.Another vote for LastPass here. It's a lifechanger. Get the browser extension and the app for your phone, I haven't remembered or typed a password in ages.
What does the Premium version of LastPass get you that the Free version does not have (I can't tell the difference when comparing on their website)?
I pay for the premium version and it's great. Works really well with IOS and face ID or fingerprint
as someone who works on cloud infrastructure and sees the security risks, i think i agree.I replace the symbol with the number associated with it on the keyboard.
Not saying this is a perfect system (some sites require a specific number of characters for their passwords, which messes with everything). But I trust it more than I trust giving all my passwords to an app.
I gotta remember this, but I'll probably forget.I remember them... If I forget one, I hit "forgot password"
Same here. Most of mine are auto-loaded into my browsers (is this not smart? ) but for ones I have to enter, my memory is still sharp enough to remember them. If I don't, I reset.I remember them... If I forget one, I hit "forgot password"
Good question. One that at this point I admit I couldn't even answer I think they've changed what features are premium and what are free since I became a premium subscriber, 3-4 years ago maybe. I think at that point you needed premium to use it on multiple devices? Back then it was only $12 per year and I know there was some essential feature that was locked behind premium.What does the Premium version of LastPass get you that the Free version does not have (I can't tell the difference when comparing on their website)?
IDK the stats, but my suspicion is most passwords are stolen via a phising scheme, so no matter how strong a PW someone might have, it wouldn't matter in that scenario.Same here. Most of mine are auto-loaded into my browsers (is this not smart? ) but for ones I have to enter, my memory is still sharp enough to remember them. If I don't, I reset.
i generally don't do this if the site is related to my financials.Same here. Most of mine are auto-loaded into my browsers (is this not smart? ) but for ones I have to enter, my memory is still sharp enough to remember them. If I don't, I reset.