Jump to content


Please note: You can easily log in to MPN using your Facebook account!
Please subscribe to MPN’s YouTube Channel!

OT: Password hell advice

musicbysterling
 Share

Recommended Posts

Stokely

Stokely

Posted
Posted

So, reading on the Lastpass deal...since the stolen passwords are encrypted, presumably it takes a fair amount of time to crack them (?)   So Lastpass seemingly did a really bad job of letting people know.  Just switching your passwords would mean you should be ok provided you did it in time.   Obviously not a fun thing to do.

This is another reason I regret having so many accounts, especially for plugin sales and manufacturers.  On one hand, not much info is stored with them (certainly no financial data).   Mostly they have name and phone, and honestly there's no real reason those have to be actual names and phones.  On the other, it would just be a lot easier to manage with less company accounts and different plugins.  Case in point, my change from High Sierra to Monterey Mac OS caused me to have to update a slew of plugins using various accounts and plugin managers, and it was a PITA.   

Any site account you have where someone can do damage if they get in there...those are ones I may take out of my password manager, and just pick a long pw I can remember.   I only have a couple like that.

Link to comment
Share on other sites


  • Replies 71
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

The Real MC
The Real MC

My passwords are recorded with good old pencil and paper. Hackers can't get to that.

miden
miden

I'm surprised so many have divulged their password strategies in a forum open to public scrutiny (not posting)....I have mine but I share that with no-one

Docbop
Docbop

Shannon Morse has been around online Tech shows for a long time going back to Hak5 that I discovered about 15 years ago or more.   She has a handful of Youtubes on password manager from over the years

Stokely

Stokely

Posted
Posted

Seems like everything is flawed in some way or another.  Some of you might have ironclad elephantine memories, but mine is horrendous.   I have no wish to go back to endless cycles of "forgot password", and don't want to try to use the same password for every site.

I guess a paper list mostly works, if the house burns down or it gets destroyed or lost then I guess it's back to "forgot password" :)   If you ever need your passwords away from home then you have a problem though.  Not normally one I'd have I guess.

Link to comment
Share on other sites
Konnector

Konnector

Posted
Posted

I keep passwords on a spreadsheet on a couple of different computers. It's primarily for all the software companies I've purchased from over the years. I don't keep sensitive info (like bank account access, etc) on that list. Works for me.

Link to comment
Share on other sites
Docbop

Docbop

Posted
Posted

Shannon Morse has been around online Tech shows for a long time going back to Hak5 that I discovered about 15 years ago or more.   She has a handful of Youtubes on password manager from over the years on her channel.   Below is most recent from 2022 and I threw in another some might finds of tips they like.   

 

Happy 2023 all.   

 

 

  • Like 1
Link to comment
Share on other sites
Bill Heins

Bill Heins

Posted
Posted

I have a little black book for passwords...I try not to store any on the PC. And remember for the most part hackers don't want your personal info...they want all of your banks info and yours is there whether you like it or not ;)

 

Side note... a number of years ago one of the supervisors forgot their Windows password and couldn't login...I went home and got a Linux boot CD, booted the system from the Linux CD and it had a program to access the password file and change it...then reboot into Windows with the new pass...Voila! :)

 

Bill

  • Like 1

http://www.billheins.com/

 

 

 

Hail Vibrania!

Link to comment
Share on other sites
Docbop

Docbop

Posted
Posted
6 minutes ago, Bill Heins said:

I have a little black book for passwords...I try not to store any on the PC. And remember for the most part hackers don't want your personal info...they want all of your banks info and yours is there whether you like it or not ;)

 

Side note... a number of years ago one of the supervisors forgot their Windows password and couldn't login...I went home and got a Linux boot CD, booted the system from the Linux CD and it had a program to access the password file and change it...then reboot into Windows with the new pass...Voila! :)

 

Bill

 

As they say if someone has physical access to your computer there's no way to protect yourself.   

 

Also these days the most insecure device is smartphones and people tend to put all their personal info on their smartphone for convenience.   So think about that when you go leaving your smartphone on tables everywhere. 

Link to comment
Share on other sites
elif

elif

Posted
Posted
On 1/1/2023 at 12:40 PM, Docbop said:

Shannon Morse has been around online Tech shows for a long time going back to Hak5 that I discovered about 15 years ago or more.   She has a handful of Youtubes on password manager from over the years on her channel.   Below is most recent from 2022 and I threw in another some might finds of tips they like.   

 

Happy 2023 all.  

 

 

Thanks, I'm bailing on LastPass.  I've decided against NordPass.  I'm checking out RoboForm next, one reason is the choice for local storage.

Link to comment
Share on other sites
  • 2 weeks later...
GRollins

GRollins

Posted
Posted

And another one bites the dust...Norton LifeLock goes down in flames:

 

https://www.bleepingcomputer.com/news/security/nortonlifelock-warns-that-hackers-breached-password-manager-accounts/

 

I told you so.

 

I think I missed posting one last week. Saw it. Meant to stick it in here. Forgot.

Do.

Not.

Trust.

Password.

Managers.

Period.

 

Grey

I'm not interested in someone's ability to program. I'm interested in their ability to compose and play.

Link to comment
Share on other sites
Biggles

Biggles

Posted
Posted

Forget tech, computers, Apps, Documents.

 

I use the tech from the 80’s an old Filofax with an A2Z index.

 

User names and passwords stored there.

 

I use a combi of random letters, numbers, capitals plus where allowed special characters

 

So no RubyTuesday or AmiRose as my passwords

Col

 

Link to comment
Share on other sites
Baggypants

Baggypants

Posted
Posted
10 hours ago, GRollins said:

And another one bites the dust...Norton LifeLock goes down in flames:

 

https://www.bleepingcomputer.com/news/security/nortonlifelock-warns-that-hackers-breached-password-manager-accounts/

 

I told you so.

 

I think I missed posting one last week. Saw it. Meant to stick it in here. Forgot.

Do.

Not.

Trust.

Password.

Managers.

Period.

 

Grey

 

Compared to password reuse, or using weak passwords, a password manager is better. Even if it's a long plaintext file in a dropbox.

 

Firstly. You know exactly which services you need to perform a password reset when they get stolen. In my case, all 357 of them.

 

Secondly, strong unique passwords prevents automated password stuffing, automated brute-force and hashing attacks, which is most of the attacks as I understand it.

 

Don't trust them, sure. Plan for them to be breached. But do use them. It's just better practice than the alternatives.

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...