Password management?

Discussion in 'Miscellaneous' started by jkrmnj, Oct 18, 2016.

  1. I have seen tons of password management stuff to make better passwords (mine are limited to things I can remember) and they have interested me but I always run into a problem with them. Specifically, I worry about how cross platform they are. I need a solution that can work on any device with any browser, have no requirements about installing stuff, are relatively easy to use, and are very secure. I also want to spend $0 on it. These requirements come from the fact that I could be using school computers with limited access to what is installed. I also have a mobile device that I need to be able to log into.

    When I have looked at the common solutions like lastpass, they require a premium account to work across devices which has turned me away from them.

    Is there anything that can fit all of these requirements?
  2. Pen and paper :p
    jkrmnj, ShelLuser and JesusPower2 like this.
  3. Tattoos.
    jkrmnj likes this.
  4. a folder labeled PASSWORDS in your desktop clear to see so you will never miss it :)
    jkrmnj likes this.
  5. I recommend Dashlane. I use this for everything from the password for my driver's ed course to my PayPal to my PSN account. The master password is stored in the securest location of brain! :D
    jkrmnj likes this.
  6. I would definitely lose that or would forget to bring it somewhere :rolleyes:
    That would require me having that file avaiable from anywhere which means bringing my computer everywhere :p
    Lol no
    Dashlane looks really cool but the passwords are only cross platform if I pay $40 a year. If I change my passwords to be the autogenerated type of thing, I would definitely need them to sync or else I wouldn't be able to log in anywhere.
  7. Notes saved on iCloud with fingerprint lock
  8. The master password is stored in the program and with enough knowledge and experience you can easily hack into the program to find the password. as when you enter the password, it connects to the password dB to see if it matches then will proceed like any other program.

    If someone hacked that program they would have everything. One reason I would advise you stay away with password management software.
  9. KeePass. Free. No install. Run from USB. End.
  10. And I 100% disagree with this. If someone is personally targeting you to the level of going after your specific PC and wrote software to read the memory of the password DB, then that's a WHOLE different ball game.

    Plus, no the master password is not guaranteed to be in clear memory. You can use local encryption keys to encrypt in memory data.

    But that's beyond the point. Not using a password management db just because of the risk of personal attacks is far more risky than using a password management app.

    I strongly recommend either
    KeePass 2/KeePassX 2: Local DB file, no internet connection needed. However, since its offline, you are responsible for sync'ng to multiple devices, for example storing the DB file in Dropbox. However, you must be extremely careful to close the db on any device its open on if you changed the db (added/changed pw) on a different device, before updating it on a 2nd device, as you would end up overwriting your last save w/ the out of dated copy.

    Then there are online ones. I've never used them, but helped coworker set up LastPass and it seems decent. These help with the syncing aspect and maybe easier for non technical people, but you have to understand the security is lessened by it being third party.

    PW DB's have their own "hacks", but the end users passwords are encrypted with the users password, so hacking the service doesn't give you everyones PW. they have to know your master password. I am unaware of anyones passwords being leaked in any of the LastPass hacks.
    jkrmnj, jkjkjk182 and ThaKloned like this.
  11. I use Passpack myself.
  12. that's another good point about pass management....but according to Dashlane, they use the "world's strongest technology" to protect the password....idek?

    one of the only bad things about Dashlane IMO