I have seen tons of password management stuff to make better passwords (mine are limited to things I can remember) and they have interested me but I always run into a problem with them. Specifically, I worry about how cross platform they are. I need a solution that can work on any device with any browser, have no requirements about installing stuff, are relatively easy to use, and are very secure. I also want to spend $0 on it. These requirements come from the fact that I could be using school computers with limited access to what is installed. I also have a mobile device that I need to be able to log into. When I have looked at the common solutions like lastpass, they require a premium account to work across devices which has turned me away from them. Is there anything that can fit all of these requirements?
I recommend Dashlane. I use this for everything from the password for my driver's ed course to my PayPal to my PSN account. The master password is stored in the securest location of all....my brain! https://www.dashlane.com/
I would definitely lose that or would forget to bring it somewhere That would require me having that file avaiable from anywhere which means bringing my computer everywhere Lol no Dashlane looks really cool but the passwords are only cross platform if I pay $40 a year. If I change my passwords to be the autogenerated type of thing, I would definitely need them to sync or else I wouldn't be able to log in anywhere.
The master password is stored in the program and with enough knowledge and experience you can easily hack into the program to find the password. as when you enter the password, it connects to the password dB to see if it matches then will proceed like any other program. If someone hacked that program they would have everything. One reason I would advise you stay away with password management software.
And I 100% disagree with this. If someone is personally targeting you to the level of going after your specific PC and wrote software to read the memory of the password DB, then that's a WHOLE different ball game. Plus, no the master password is not guaranteed to be in clear memory. You can use local encryption keys to encrypt in memory data. But that's beyond the point. Not using a password management db just because of the risk of personal attacks is far more risky than using a password management app. I strongly recommend either KeePass 2/KeePassX 2: Local DB file, no internet connection needed. However, since its offline, you are responsible for sync'ng to multiple devices, for example storing the DB file in Dropbox. However, you must be extremely careful to close the db on any device its open on if you changed the db (added/changed pw) on a different device, before updating it on a 2nd device, as you would end up overwriting your last save w/ the out of dated copy. Then there are online ones. I've never used them, but helped coworker set up LastPass and it seems decent. These help with the syncing aspect and maybe easier for non technical people, but you have to understand the security is lessened by it being third party. PW DB's have their own "hacks", but the end users passwords are encrypted with the users password, so hacking the service doesn't give you everyones PW. they have to know your master password. I am unaware of anyones passwords being leaked in any of the LastPass hacks.
that's another good point about pass management....but according to Dashlane, they use the "world's strongest technology" to protect the password....idek? https://www.dashlane.com/security one of the only bad things about Dashlane IMO
