Password Managers

[RealP]

I mean to increase the security around my private data and I'm considering installing a Password Manager. I looked into a few and the best ones seem to be 1Password and Dashlane, but I am no expert on the subject. I read that a some of these Password Managers were hacked into, so clearly they are not all equally safe. 

 

I would appreciate the input from the more knowledgeable members of the boards and anyone who's had experience with this.

[Guest NateC]

Check out LastPass https://lastpass.com/

Security expert Steve Gibson endorses it: http://blog.lastpass.com/2010/07/lastpass-gets-green-light-from-security.html

[shirgall]

I've been using Lastpass for a while, too, and it has the added benefit of allowing me to share passwords with my spouse.

[Lingum]

Look up the features of the different password managers to find one that meets your needs. I've used KeePass for a few years, and I'm very happy with it. I keep a standalone version with a password protected database on my Dropbox. KeePass keeps all your passwords locally. In addition, I use Firefox to remember login information so I never have to enter them. With Firefox sync you can share passwords, bookmarks, settings on multiple devices. That service is encrypted and inaccessible even to the Mozilla crew themselves. I still use my password manager as an archive of passwords and personal information, and backup.

 

Using a password manager can increase the security of your private data tremendously. However, it does require some work and effort on your part. I had to spend a few hours going through all my online accounts to change passwords and other security details.

 

You typically want to seperate your online accounts and their passwords

• Don't use the same password and username several places
• Don't use the same password on a site that is connected to your e-mail

If you're going to use an online based password manager (keeps your data for you), you should do some research on it first. Is it a reputable software? Have they had security issues in the past?

[RealP]

NateC, shirgall,

 

Are you premium users of LastPass? Expert endorsement is a big plus. I'll give it a try.

 

Lingum,

 

I think you're right about the questions one should ask when going for an online based password manager. I visited KeePass' website, but my gut doesn't allow me to trust a website that is not very corporate-y, although the ratings (http://keepass.info/ratings.html) seem to be pretty good.

 

So many choices make me anxious, we need the state to come up with a password manager and ban the others! 

[shirgall]

Are you premium users of LastPass? Expert endorsement is a big plus. I'll give it a try.

 

Yes, I'm a premium subscriber to lastpass (mostly because I wanted the mobile app integration and the shared folders).

[magentawave]

I've been using the free version of LastPass on my Macbook Pro for a few years and I'm very happy with it. I paid for the mobile version for my iPad and Android phone but it wouldn't automatically log me in like the computer version does so I stopped paying for it. I can still use the free version on my iPad and phone but it requires more work to log in.

[shirgall]

I've been using the free version of LastPass on my Macbook Pro for a few years and I'm very happy with it. I paid for the mobile version for my iPad and Android phone but it wouldn't automatically log me in like the computer version does so I stopped paying for it. I can still use the free version on my iPad and phone but it requires more work to log in.

 

Getting it to automatically log in does take a little bit of setting up, including some changes to security settings. Because of the possibility of losing my phone, I don't have it enabled but I did try it at one point.

 

Often the lastpass keyboard gets disabled by updates of other keyboard apps, as they love to reset your settings.

[Magenta]

I've been a premium subscriber to LastPass for about 3 years now and it's treated me great on both my work PC, home PC, and smartphone. Having an offline password manager is inherently more secure, but significantly less convenient, so I use LastPass and I haven't heard of any security breaches.

[FriendlyHacker]

Don't use a password manager that keeps the passwords anywhere outside of your own computer, if you manage passwords from a browser plugin that saves the data on a cloud server, that adds quite a few more breaking points in security.

 

And make sure that access to your password manager is password locked too.

[magentawave]

So you don't recommend using something like LastPass?

 

Don't use a password manager that keeps the passwords anywhere outside of your own computer, if you manage passwords from a browser plugin that saves the data on a cloud server, that adds quite a few more breaking points in security.

 

And make sure that access to your password manager is password locked too.

[RealP]

Don't use a password manager that keeps the passwords anywhere outside of your own computer, if you manage passwords from a browser plugin that saves the data on a cloud server, that adds quite a few more breaking points in security.

 

And make sure that access to your password manager is password locked too.

 

Thank you for your tips. Do you have any software suggestions?

[FriendlyHacker]

http://sourceforge.net/projects/passwordsafe/files/?source=navbar

[magentawave]

Do you have any recommendations for a local password manager that works on OSX? And preferably one that is free?

 

 

http://sourceforge.net/projects/passwordsafe/files/?source=navbar

[FriendlyHacker]

http://zdia.de/downloads/gorilla/

[shirgall]

I used to use PasswordSafe, but when I needed to share passwords with my wife, it was unwieldy, which is how I ended up with LastPass.