PDA

View Full Version : Password safe


sapper
30th August 2018, 09:31 AM
I use iPassword cos I use a mac. Wifey uses a PC and wants something similar, any recommendations?

TimP
30th August 2018, 10:26 AM
There’s loads I think, Lastpass, 1Pass. One of those got hacked a year or more ago but I don’t think anything was compromised, which is always a risk when you’ve got all your eggs in one basket. Says the guy who trusts his to Apple!
Passwords? Damn nightmare!

Jim Ford
30th August 2018, 10:26 AM
I use 'Keypass' for my Linux machine, to store password. It's available for all platforms:

https://keepass.info/

Jim

sapper
30th August 2018, 10:32 AM
Thanks guys. I will pass on to wifey. Thing I like about iPassword is that it is not cloud based, all the info is stored on my mac.

TimP
30th August 2018, 11:27 AM
Does it work across devices, so access a website on a tablet and it pulls the password, or do you only use the one device?

Jim Ford
30th August 2018, 11:31 AM
Thanks guys. I will pass on to wifey. Thing I like about iPassword is that it is not cloud based, all the info is stored on my mac.

Neither is 'Keypass'. The database is also portable across different devices on different platforms.

Jim

sapper
30th August 2018, 11:34 AM
Does it work across devices, so access a website on a tablet and it pulls the password, or do you only use the one device?

I have it installed on two devices.

Naughty Nigel
30th August 2018, 11:44 AM
Thanks guys. I will pass on to wifey. Thing I like about iPassword is that it is not cloud based, all the info is stored on my mac.

Are you sure about that Dave?

I know we are talking about different things, but I was surprised when I updated my email password on my iPad it automatically updated the password on my iPod! This is a very convenient feature but obviously means my password is stored somewhere in the iCloud, although highly encrypted I am sure.

sapper
30th August 2018, 11:53 AM
Hmmmmmm, got me thinking. I must admit, that when I got my iphone, all my contacts appeared on it, but only while i was online using my wifi. Once I left the house and data off, the contact disappeared.So, who knows?

Keith-369
30th August 2018, 03:57 PM
I have a spreadsheet with all my sites with their usernames and passwords on. This is stored on my pc and 3 external drives. I use a printout for general day to day reference, handwriting new ones on it and moving that info to the spreadsheet when I have, say, 5 or 6 new ones. I don't like trusting anyone or anything where this info is concerned.

Jim Ford
30th August 2018, 04:06 PM
I have a spreadsheet with all my sites with their usernames and passwords on. This is stored on my pc and 3 external drives. I use a printout for general day to day reference, handwriting new ones on it and moving that info to the spreadsheet when I have, say, 5 or 6 new ones. I don't like trusting anyone or anything where this info is concerned.

Is the spreadsheet encrypted? It all looks a bit dodgy and insecure to me!

Jim

sapper
30th August 2018, 04:15 PM
I use iPassword because if a criminal breaks into my home, they cannot accessories my info, on a printed spreadsheet, it's there for all to see.

Keith-369
30th August 2018, 05:19 PM
Jim & Dave, fair comment.

Must admit, I haven't really gone into how these programs work but I really don't trust all my usernames and passwords to just one program or such like. Have a hard drive blow out and all that vital info is lost forever, same as if a cloud provider goes offline etc. Not too sure what the real answer is.

Thanks for your thoughts *chr

sapper
30th August 2018, 05:39 PM
iPassword world like this.
Details of company, bank or whatever are entered, with an individual password for each one.
The Program itself has a password. That is the one that you need to remember.
I have one iPassword on my desktop and one on my laptop. If I change a PW for a company on one of those, I have to physically do it on the other. They are not linked.
My wife knows the main PW, so if I pop my clogs, she can access my accounts, but no one else.

I recently attended a cybercrime presentation run by a local U3A. Apart from emphasising the difference between 'ordinary" crime and cyber crime, the police officer spoke about passwords. Most are easy to break for some one who knows how, mothers maiden name, pets name ETC can be broken in seconds it seems. He recommended a 3 random word PW, each word beginning with a capital and separated by a dash EG Dash-Pass_Bonkers. Apparently, it would take 29million years t break that type of PW.

Having iPassword saves me remembering all those random 3 word PW's, I just have to remember 1!

Jim Ford
30th August 2018, 07:23 PM
Having iPassword saves me remembering all those random 3 word PW's, I just have to remember 1!

Same with Keypass. All my passwords are held in the encrypted database which is secured with a master password, which I trust to be very difficult. I can put the database on a USB stick and read it on another machine of a different platform, as long as Keypass is installed on the machine (and I remeber the master password!).

Jim

Keith-369
30th August 2018, 07:35 PM
Thanks Dave and Jim. Very informative. I will give this much thought. Many thanks to you both (especially Dave whose thread this is. Hope I haven't been too much trouble in it)

Dave, I look forward to you letting us know your final choice for the PC. *chr

shenstone
30th August 2018, 08:00 PM
Another recommendation for keepass

I use it and so do some of the IT security professionals I work with. Some very good.options for security in the setup. Even the default settings and use are pretty good and as said you can share a database across devices if you want to

Regards
Andy

drmarkf
31st August 2018, 12:46 PM
I recently attended a cybercrime presentation run by a local U3A. Apart from emphasising the difference between 'ordinary" crime and cyber crime, the police officer spoke about passwords. Most are easy to break for some one who knows how, mothers maiden name, pets name ETC can be broken in seconds it seems. He recommended a 3 random word PW, each word beginning with a capital and separated by a dash EG Dash-Pass_Bonkers. Apparently, it would take 29million years t break that type of PW.

Having iPassword saves me remembering all those random 3 word PW's, I just have to remember 1!

I played with iPassword quite a few years ago, but I work across PC and iDevices and (at that stage) it wouldn't play in the way I wanted it to. Might be better now, I suppose.

Instead I continued with a system recommended by my old departmental IT bod, which is similar to Dave's suggestion. I have 3-component passwords consisting of combinations of the names of a number of 'significant' people in my past, significant dates (not the obvious birthdays), plus sets of keyboard characters.

I have an encrypted Word file (called something misleading) only on my desktop PC and on an encrypted USB stick and a plug-in USB platter drive as backups, and this lists the websites concerned (in abbreviations so they're not obvious) plus standardised clues to the names, dates and characters. When I travel I usually take a print-off of this.

For a fictional example (and not to give anything away), I might have part of a password as the name KennethClark, and this part of the password would be listed for me in the Word file as the clue 'lift'. Anyone who knew that this name & association comes from the grandiose refurbishment of a single lift at Addenbrooke's Hospital in the 1990s for the use of the then Minister of Health on his single visit would deserve to access that website as far as I'm concerned :)
(but they would also need to decode the date and character clues)

Works for me, and has done for nearly a decade now.