musicbysterling Posted May 3, 2020 Share Posted May 3, 2020 Lately, I've seemed to lost control of my list of passwords. Even though I've attempted to consolidate them lately, there are some from over year ago that I've forgotten and/or can't find my notes on what they actually were. Can anyone recommend an app that would assist me in organizing my passwords? Thx in advance! Quote �Ah, music," he said, wiping his eyes. "A magic beyond all we do here!� J.K. Rowling, Harry Potter and the Sorcerer's Stone Link to comment Share on other sites More sharing options...
midinut Posted May 3, 2020 Share Posted May 3, 2020 We use LastPass and love it. Quote Hardware: Yamaha: MODX7 | Korg: Kronos 88, Wavestate | ASM: Hydrasynth Deluxe | Roland: Jupiter-Xm, Cloud Pro, TD-9K V-Drums | Alesis: StrikePad Pro| Behringer: Crave, Poly D, XR-18, RX1602 | CPS: SpaceStation SSv2 | Controllers: ROLI RISE 49 | Arturia KeyLab Essentials 88, KeyLab 61, MiniLab | M-Audio KeyStation 88 & 49 | Akai EWI USB | Novation LaunchPad Mini, | Guitars & Such: Line 6 Variax, Helix LT, POD X3 Live, Martin Acoustic, DG Strat Copy, LP Sunburst Copy, Natural Tele Copy| Squier Precision 5-String Bass | Mandolin | Banjo | Ukulele Software: Recording: MacBook Pro | Mac Mini | Logic Pro X | Mainstage | Cubase Pro 12 | Ableton Live 11 | Monitors: M-Audio BX8 | Presonus Eris 3.5BT Monitors | Slate Digital VSX Headphones & ML-1 Mic | Behringer XR-18 & RX1602 Mixers | Beyerdynamics DT-770 & DT-240 Arturia: V-Collection 9 | Native Instruments: Komplete 1 Standard | Spectrasonics: Omnisphere 2, Keyscape, Trilian | Korg: Legacy Collection 4 | Roland: Cloud Pro | GForce: Most all of their plugins | u-he: Diva, Hive 2, Repro, Zebra Legacy | AAS: Most of their VSTs | IK Multimedia: SampleTank 4 Max, Sonik Synth, MODO Drums & Bass | Cherry Audio: Most of their VSTs | Link to comment Share on other sites More sharing options...
Dave Bryce Posted May 3, 2020 Share Posted May 3, 2020 Are you on a Mac? If so, do you know about Keychain Access? That may help. dB Quote ==> David Bryce Music • Funky Young Monks <== Professional Affiliations: Royer Labs • Music Player Network Link to comment Share on other sites More sharing options...
GRollins Posted May 3, 2020 Share Posted May 3, 2020 I used to work in a mainframe computer center. We also had network stuff. Everything had passwords. Everything. I counted one time and there were something like four or five dozen userid/password combinations that I had to remember. Clearly impossible, especially when you consider that I had all my personal stuff as well; the better part of another hundred accounts' worth. My solution? A Word doc file (nowadays I use Libre Office) where I could keep all that plus associated notes for each site. High tech? Nope. By design. The problem with password programs is that you're one hack away from losing absolutely everything. NEVER EVER, EVER fall for the "Oh, we use best industry practices..." or "We use one million bit encryption!" or "We're the most security conscious people on the planet." Ever. So what do I do for security? I'm a pack rat. I've got my last four PCs. I keep sensitive stuff like that on an old, air-gapped PC with double backups. Yes, I sometimes have to prise my lazy butt up out of my chair if I don't remember something. Tough toenails. 1) I need the exercise to maintain my youthful, slender charm. (ahem) 2) I sleep better at night, knowing that I have control of my info. Grey Addendum #1: I repeat, NEVER assume that you're safe just because someone tells you how good a job they're doing. EVER. Gawd, the tales I could tell you from work about nitwits doing the dumbest things, then solemnly assuring everyone that everything was tight. Don't buy it. Addendum #2: Last fall my personal email password was hacked. 14 characters. "Strong," by any metric. Pass phrase that verged on totally random to anyone but me...and yet someone broke it. Why anyone would expend the effort on po', little ol' me, I dasn't know, but they did. If I, as an official nobody, am worth that much effort then imagine the bounty that would result from going through the backdoor (and there's ALWAYS a backdoor) to one of the password programs. Addendum #3: Don't say I didn't warn you... Quote I'm not interested in someone's ability to program. I'm interested in their ability to compose and play. Link to comment Share on other sites More sharing options...
xKnuckles Posted May 3, 2020 Share Posted May 3, 2020 I use 1 password. I can't recommend it highly enough. It gives you crazily strong, different passwords for everything but all you ever have to remember is one password (which is never written down down anywhere). It is so good that I have taken to using it to store other things also: important notes etc. With each password you can also store other info if you wish, like your username, their web address, what the thing is actually for.....etc. My life was a total, disastrous mess before I got it. Now I have this beautiful, calm, hummingbird filled epicentre of well organised sanity (....but regrettably surrounded by endless vortexes of shambolic confusion....)... Quote "Turn your fingers into a dust rag and keep them keys clean!" Bluzeyone Link to comment Share on other sites More sharing options...
The Real MC Posted May 3, 2020 Share Posted May 3, 2020 My passwords are recorded with good old pencil and paper. Hackers can't get to that. 2 Quote Link to comment Share on other sites More sharing options...
Reezekeys Posted May 3, 2020 Share Posted May 3, 2020 Safari on the Mac offers to make up passwords that seem pretty strong to me, then stores them. I never think about it. There have been times I've needed to access my stored passwords and they're not that hard to get to. You don't specify what platform you're on, but surely any Windows browser has the same feature? Quote Link to comment Share on other sites More sharing options...
GRollins Posted May 4, 2020 Share Posted May 4, 2020 Oh, and another point...do not assume for a moment that because you haven't found yourself to be hacked today that you're safe. The people who truly mean harm crack the safeguards ahead of time, then sit patiently...waiting...waiting...for the right moment... Don't say you weren't warned. Grey Quote I'm not interested in someone's ability to program. I'm interested in their ability to compose and play. Link to comment Share on other sites More sharing options...
musicbysterling Posted May 4, 2020 Author Share Posted May 4, 2020 Are you on a Mac? If so, do you know about Keychain Access? That may help. dB Quote �Ah, music," he said, wiping his eyes. "A magic beyond all we do here!� J.K. Rowling, Harry Potter and the Sorcerer's Stone Link to comment Share on other sites More sharing options...
musicbysterling Posted May 4, 2020 Author Share Posted May 4, 2020 D"OH! I"m a Mac user and completely forgot about Keychain. Thx DB et all! Quote �Ah, music," he said, wiping his eyes. "A magic beyond all we do here!� J.K. Rowling, Harry Potter and the Sorcerer's Stone Link to comment Share on other sites More sharing options...
nursers Posted May 4, 2020 Share Posted May 4, 2020 Yep Keychain is great - I just create a new note in Keychain for specific passwords etc. I also use the functionality in Safari as Reezekeys mentioned, it works well Quote The Keyboard Chronicles Podcast Check out your fellow forumites in an Apple Music playlist Check out your fellow forumites in a Spotify playlist My Music: Stainless Fields Link to comment Share on other sites More sharing options...
KuruPrionz Posted May 4, 2020 Share Posted May 4, 2020 I have a Mac and use Keychain Access for many things that i don't really care much about being hacked. And... For more access to sites that I do NOT want anybody to have, ever... I keep my passwords on seperate text documents that are stored on a USB drive and/or SD card (yes, I have backups!!). ALWAYS EXTERNAL and only plugged in if I need a password. To protect against slimeware that tracks your keyboard strokes, I will drag the password file that I need (these have devious names too, all of them - something that reminds me what it is for and all kept in a folder with a ridiculous name) on to the desktop and remove the USB drive. That keeps the time that all of the passwords are on the computer very short. I open the needed password file, select the password with the mouse - click and drag - and then use Command C to copy it. At that point I toss that copy of the file in the trash and empty it. Then I use Command V to paste the password into place and click the button to log on. If somebody is tracking my keystrokes all they can see is that I've copied and pasted something. So far, so good. Again, that is just for websites that I feel need to be kept secure. For example, I have Keychain Access to MPN, I wouldn't worry too much of somebody hacked it and came on here spouting a bunch of crap. I do it all the time anyway!!! Cheers, Kuru Quote It took a chunk of my life to get here and I am still not sure where "here" is. Link to comment Share on other sites More sharing options...
Song80s Posted May 4, 2020 Share Posted May 4, 2020 Yeah, I use Safari as a tool. I have +50 p/w's. all these sites have their quirky character requirements. But I believe its key to be organized. I have a word doc with my stuff. I am also of the opinion that our personal info is all over the f'g place. I am not worked up about elaborate p/w protection on music sites. Thats my opinion. Quote Why fit in, when you were born to stand out ? My Soundcloud with many originals: [70's Songwriter] Link to comment Share on other sites More sharing options...
jazzpiano88 Posted May 4, 2020 Share Posted May 4, 2020 I probably shouldn't give away my strategy but all of my passwords use 4 numbers. It's easy then to have a cheat sheet on a piece of paper for every company: Amazon: 7753 VISA: 4452 Facebook: 4390 The key is to have a fixed random prefix and postfix to the number: Amazon: Tgbn3?7753Onv!Sz VISA: Tgbn3?4452Onv!Sz Facebook: Tgbn3?4390Onv!Sz Hash table attacks could beat it, but I don't think anyone is using that these days outside of academic institutions. Quote J a z z P i a n o 8 8 -- Yamaha C7D Montage M8x | CP300 | CP4 | SK1-73 | OB6 | Seven K8.2 | 3300 | CPSv.3 Link to comment Share on other sites More sharing options...
Docbop Posted May 4, 2020 Share Posted May 4, 2020 I don't trust password managers, how well do you know them, how safe their own site? The first thing I do is create passwords that I can make simple acronyms to help me remember them or I can write down and means nothing. I was programmer for one of the big universities and just to do my daily work needed to use five passwords that had to be changed monthly and no password could be reused for six months. So came up with use acronyms that I could write down and no one was the wiser. Since being involved with computer security and this woman I knew who was the chief security nerd for one of the credit reporting agency's internal security. She put together a six node supercomputer she would test how quickly she could crack employee passwords with. It was fast and computer speeds are so much faster today. So then I realized LONG passwords are the key to being safe and they don't even have to be that crazy the length is the key. People who crack passwords in general go for bulk cracking so passwords that take too much time tend to get ignored, unless you are their specific target. So a long password might take an extra second to type but the return in security is worth it. Quote Link to comment Share on other sites More sharing options...
nursers Posted May 4, 2020 Share Posted May 4, 2020 Yep the password length is a great point - for any websites I run, the admin login is at least 16 digits long. Quote The Keyboard Chronicles Podcast Check out your fellow forumites in an Apple Music playlist Check out your fellow forumites in a Spotify playlist My Music: Stainless Fields Link to comment Share on other sites More sharing options...
Marzzz Posted May 4, 2020 Share Posted May 4, 2020 1Password Quote Link to comment Share on other sites More sharing options...
Sospiri Posted May 4, 2020 Share Posted May 4, 2020 I have two password for my bank account - that is the only account that could lose me money - and they are in my head. The rest are in a text file on an external backup drive that is not normally connected to any machine. So the only account that matters is in my head and I have taken reasonable precautions with everyone else's. If you can't accept that, don't give me access to your site! Quote Link to comment Share on other sites More sharing options...
stillearning Posted May 4, 2020 Share Posted May 4, 2020 I use a separate, standalone, electronic device, not connected to the internet or any other device. It"s called Password Safe. I used to keep them on paper but it got cumbersome. Quote I would like to apologize to anyone I have not yet offended. Please be patient and I will get to you shortly. Link to comment Share on other sites More sharing options...
AWkeys Posted May 4, 2020 Share Posted May 4, 2020 Excellent conversation! My brother is a tech-geek and he advised me that password length is most important. (Although many prefer password girth, yukyuk.) He told me even using a sentence works. Quote Link to comment Share on other sites More sharing options...
ZioGuido Posted May 4, 2020 Share Posted May 4, 2020 Lately, I've seemed to lost control of my list of passwords. Even though I've attempted to consolidate them lately, there are some from over year ago that I've forgotten and/or can't find my notes on what they actually were. Can anyone recommend an app that would assist me in organizing my passwords? Thx in advance! Managing passwords has always been my bigger struggle since the day I created my first email account back in 1997. And the funny thing is that the very first App I have made for a mobile device is a virtual keychain. I released it only recently and only for the Android devices, it's called GSi SafeBox and it's free and ad-free, even though the first release is only in italian. I have just posted a new version in english that's currently in beta test. If you have an Android device and you wish to test it, here's the link to get into the beta program: https://play.google.com/apps/testing/com.genuinesoundware.gsisafebox. I know there were already many similar apps for holding passwords in the mobile device, but most of them are cloud-based, that means that all your sensible informations are instantanously sent over the internet to someone else's computer (that's what a cloud is). And most free apps show annoying ads. I wanted to make my own implementation, something simple that keeps the data into the device's memory with no need to send the data elsewhere. Everything is stored into an encrypted XML file that can optionally be exported / imported to / from local memory or shared with other apps (e.g. sent via email for backup purpose). If you give it a try, let me know what you think. Quote Link to comment Share on other sites More sharing options...
Franz Schiller Posted May 4, 2020 Share Posted May 4, 2020 Using 1 password seems very very dangerous. Because if hackers figure out your Amazon login, for example, then they can get to your PayPal login, your credit card login. And you bet your ass they try all the major websites. Personally, I use a password book...pen and paper. Quote Link to comment Share on other sites More sharing options...
RandyFF Posted May 4, 2020 Share Posted May 4, 2020 don't understand how brute force cracking trying millions of potential combinations of words/letters work. If there's a limit of 5 tries for example, brute force cracking wouldn't work. Quote Numa Piano X73 /// Kawai ES920 Yamaha Melodica and Alto Recorder QSC K8.2 // JBL Eon One Compact // Soundcore Motion Boom Plus Win11 laptop // iPad Pro 9.7" 32GB Link to comment Share on other sites More sharing options...
Marzzz Posted May 4, 2020 Share Posted May 4, 2020 Using 1 password seems very very dangerous. 1Password Quote Link to comment Share on other sites More sharing options...
Reezekeys Posted May 4, 2020 Share Posted May 4, 2020 Somewhat related to the topic here, maybe a side issue but I thought others might like to know about this. It's an interesting site that appears legit. Some of my email addresses were found to have been involved in data breaches. You can also search by entering a password which the guy who did this site says is safe (I read this in his FAQ) â I haven't done that yet though. https://haveibeenpwned.com PS - the guy likes & recommends 1Password but lays out his reasons why â he doesn't seem to be connected to the company in any way other than a user. Quote Link to comment Share on other sites More sharing options...
elif Posted May 4, 2020 Share Posted May 4, 2020 ... I know there were already many similar apps for holding passwords in the mobile device, but most of them are cloud-based, that means that all your sensible informations are instantanously sent over the internet to someone else's computer (that's what a cloud is)... Rather, an AES-256 encrypted bundle of your sensible informations is sent over the internet... Edit: (am a LastPass user) In the case of LastPass it is AES-256. Don't know about the others. Quote Link to comment Share on other sites More sharing options...
EVC Posted May 4, 2020 Share Posted May 4, 2020 I use keepass. No extremely sensitive passwors in my safes (one personal and one for company related passwords). And the master password is long (25+ characters), with numbers, symbols, lower/upper case letters. I keep the database in my google drive. I wonder if it is worth saving the data base(s) in a VeraCrypt container (AES(Twofish(Serpent)) encrypted). Quote Link to comment Share on other sites More sharing options...
ZioGuido Posted May 4, 2020 Share Posted May 4, 2020 Rather, an AES-256 encrypted bundle of your sensible informations is sent over the internet... How can you be sure? You just trust the system. I too store almost all my passwords into Chrome, at least the low-risk ones, not those of the bank accounts or important things. Anyway, I wanted something that doesn't send the passwords anywhere, so I made my own app, and I'm sure that the passwords stay into the phone. Quote Link to comment Share on other sites More sharing options...
ZioGuido Posted May 4, 2020 Share Posted May 4, 2020 However, keeping the feet on the ground, in a real situation I think that the level of protection should be proportional to the importance of the thing to protect. If you're the president of the USA and know the passwords to launch nuclear missiles, or if you're some very rich person with billions of dollars on offshore bank accounts, probably you need something like (AES(Twofish(Serpent)) encrypted)... but for common mortals a 6~8 characters password encrypted with Blowfish is more than enough. Quote Link to comment Share on other sites More sharing options...
TommyRude Posted May 4, 2020 Share Posted May 4, 2020 Our company uses LastPass, but in general these password applications freak me out a bit. They are supposed to protect you, but intuitively they seem to group all your crown jewels into one location? So in the sad event someone gets in, they get it ALL instead of one piece? So maybe something to think about is which passwords are you trying to manage? Only group up the low risk accounts into a manager, and make it much harder for hackers to get to your super-sensitive, high risk accounts, i.e. bank accounts, brokerage accounts, et al. Segregate those out in a safe place, like on a post-it behind your refrigerator Quote Some music I've recorded and played over the years with a few different bands Tommy Rude Soundcloud Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.