Password Managers (and security)

Discussion in 'Interests' started by counter, Aug 2, 2018.

  1. counter

    counter Moderator Staff Member Server Moderator Platinum VIP

    Joined:
    Feb 21, 2015
    Messages:
    3,131
    Likes Received:
    850
    Server:
    Flood
    Discord:
    co#2858
    I stumbled upon a notice on github that informed of my password that I use for most major platforms (eg: google, paypal, outlook) has been compromised according to this site and from a notice on Github. Out of my own stupidity and carelessness I decided to use that password for other services notably education which I believed held importance and honestly didn't think such compromisation would be likely. (I use a completely different set of passwords for sites such as spotify, reddit that I don't really care much about if I lose access)

    So I'm curious if you guys use a strong password generator to store on password managers such as dashlane, lastpass, 1password and if I should consider getting one. If so, what do you use and/or would recommend? I've read numerous reddit posts to find every one of them has its pros and cons so I'm not sure which one is trustworthy and reliable enough to gatekeep these long generated passwords "forever".

    Is it worth sacrificing the security of your accounts for convenience? Or do you just write everything in an encrypted zip file and hide it onto your system folder, or any of the likes? Or is 2 factor authentication the ultimate way-to-go solution (which I use but sometimes can be a pain if my phone dies out, don't have data, reception, etc.)?

    Ultimately, how do you go about storing (or remembering) your passwords for every site (if you use a different one for each)?

    For example, I currently store my server database password on my own personal discord server :p (as well as other files like schoolwork)
     
    Last edited: Aug 2, 2018
    #1
  2. Bayrock

    Bayrock Founder & Developer Staff Member Founder

    Joined:
    Jun 2, 2014
    Messages:
    1,532
    Likes Received:
    661
    Discord:
    Bayrock#2940
    I don't use any programs, but I use a different password for every site.

    I don't write them down anywhere, I just remember or use forgot password.
     
    #2
  3. StrannikZ

    StrannikZ Savior of Galaxy Contributor Bronze VIP

    Joined:
    Feb 21, 2018
    Messages:
    136
    Likes Received:
    47
    Server:
    Flood
    Discord:
    izezo#4109
    I use my old password, changing it gradually.
     
    #3
  4. Donkie

    Donkie Founder & Senior Developer Platinum VIP

    Joined:
    Jun 2, 2014
    Messages:
    904
    Likes Received:
    661
    Discord:
    Donkie#2878
    I've used lastpass for 2-3 years now and it's a heaven to use, definitely worth paying for. I use 2FA auth whenever I can with printed backup codes.
     
    #4
  5. jeffreythe00

    jeffreythe00 Dreamer

    Joined:
    Jun 2, 2014
    Messages:
    1,277
    Likes Received:
    526
    I personally use a protected/password .txt file as my password storage. Not only is it hidden but you need a password to view its contents. Seems safer than using a "potentially" malicious password storing program. The downfall is if you forget to back it up, you lose your passwords.
     
    #5
  6. Donkie

    Donkie Founder & Senior Developer Platinum VIP

    Joined:
    Jun 2, 2014
    Messages:
    904
    Likes Received:
    661
    Discord:
    Donkie#2878
    Then your harddrive crashes and it's all gone :)
    Password manager services might get hacked sure but the well known ones use pretty much uncrackable encryption methods so nothing can get stolen. The cases of password breach you've heard before is from companies which didn't take encryption seriously.
     
    #6
  7. Sotori

    Sotori Flooderator Inc. Staff Member Community Manager Platinum VIP

    Joined:
    Jul 28, 2017
    Messages:
    371
    Likes Received:
    59
    Server:
    Flood
    The passwords I use for accounts that wouldn't hurt me if compromised are still strong.
    Passwords I use for accounts that would hurt me if compromised are always really long. (20 characters or more)

    The way I go about remembering all of them is always with a .txt deep in one of my hard drives and a sticky note/stored paper in my desk

    Though all of this may or may not be true ;)
     
    #7
  8. Vixen

    Vixen Neko Trap Gold VIP

    Joined:
    Feb 19, 2017
    Messages:
    289
    Likes Received:
    87
    Discord:
    Trapxify#4667
    The accounts i care about have some weird long passwords with numbers letters and symbols that i wrote down somewhere (i mostly forget where kek)
    The accounts i dont really care about all have the same password
     
    #8
  9. Noriaki Cocaine

    Noriaki Cocaine Devine Member

    Joined:
    Jun 22, 2015
    Messages:
    540
    Likes Received:
    111
    Server:
    Flood
    Discord:
    exotranc#3653
    I keep everything written out on pieces of paper. I switch my passwords on my most common sites all the time. These breaches are the worst because you never know if your account is going to get attacked out of the potential millions.
     
    #9