|
bassman
|
 |
« on: January 31, 2015, 11:01:16 AM » |
|
a password manager? Any recommendations / comments / pros or cons? For Mac products.
TIA
|
|
|
|
|
Logged
|
|
|
|
wiggydotcom
Member
Posts: 3387
Do Your Best and Miss the Rest!
Yorkville, Illinois
|
|
« Reply #1 on: January 31, 2015, 01:09:43 PM » |
|
I use Dashlane for my Windows machine. There is a MAC version. As a password manager, it does its job nicely.
|
|
|
|
« Last Edit: January 31, 2015, 01:17:07 PM by wiggydotcom »
|
Logged
|
VRCC #10177 VRCCDS #239  |
|
|
Scott in Ok
Chief Worker Ant
Administrator
Member
Posts: 1157
Oklahoma City, Ok
|
|
« Reply #2 on: January 31, 2015, 02:41:14 PM » |
|
For Mac products.
TIA
I use 1Password and like it alot. -Scott |
|
|
|
|
Logged
|
Never underestimate the power of stupid people in large numbers!
|
|
|
|
BobB
|
|
« Reply #3 on: January 31, 2015, 02:44:21 PM » |
|
I have been using My Eyes Only on my iPhone.
|
|
|
|
|
Logged
|
|
|
|
|
Serk
|
|
« Reply #4 on: January 31, 2015, 02:53:25 PM » |
|
PasswdSafe http://sourceforge.net/p/passwdsafe/wiki/Home/It's open source and free. Open source means the full source code is available, so auditing it for vulnerabilities or back doors is trivial. I store my database file on my Google Drive so I can access it from any device, any computer, or my phones or tablets (There is a port of the app for Android) Yeah, it's theoretically possible someone could get a hold of my database file since I store it in the cloud, but it's pretty heavily encrypted so I'm not that worried. |
|
|
|
|
Logged
|
Never ask a geek 'Why?',just nod your head and slowly back away...  IBA# 22107 VRCC# 7976 VRCCDS# 226 1998 Valkyrie Standard 2008 Gold Wing Taxation is theft. μολὼν λαβέ |
|
|
|
CajunRider
|
|
« Reply #5 on: January 31, 2015, 04:17:12 PM » |
|
I've been using KeePass with no complaints. Comes in handy since I have it on a USB Flash Drive & on my cell phone.
I'm not sure if they have a MAC version.
|
|
|
|
|
Logged
|
Sent from my Apple IIe
|
|
|
gordonv
Member
Posts: 5766
VRCC # 31419
Richmond BC
|
|
« Reply #6 on: January 31, 2015, 04:44:02 PM » |
|
As in a program to manage password you use on all these forums?
I use a note book. Write it all down. Stored at home.
I also use a basic method of the same few passwords and add some extra numbers/letters to it to make it unique.
Have never had the house broken into, and someone would need to know or want to take the note book, which isn't very likely.
|
|
|
|
|
Logged
|
1999 Black with custom paint IS   |
|
|
Valkpilot
Member
Posts: 2151
What does the data say?
Corinth, Texas
|
|
« Reply #7 on: January 31, 2015, 06:26:53 PM » |
|
I've been using KeePass with no complaints. Comes in handy since I have it on a USB Flash Drive & on my cell phone.
I'm not sure if they have a MAC version.
+1 Been using it since 2011. It's flexible enough that I also use it to store family SS and credit card numbers. |
|
|
|
« Last Edit: January 31, 2015, 06:29:08 PM by Valkpilot »
|
Logged
|
VRCC #19757 IBA #44686 1998 Black Standard 2007 Goldwing   |
|
|
Colin
Member
Posts: 597
My old job
Orba, Spain
|
|
« Reply #8 on: January 31, 2015, 11:39:54 PM » |
|
I use LastPass no complaints with it either. Works with all browsers.
|
|
|
|
|
Logged
|
|
|
|
|
therapist
|
|
« Reply #9 on: February 01, 2015, 08:43:09 AM » |
|
|
|
|
|
|
Logged
|
|
|
|
Gavin_Sons
Member
Posts: 7109
VRCC# 32796
columbus indiana
|
|
« Reply #10 on: February 01, 2015, 09:11:33 AM » |
|
I wont store passwords or credit card numbers anywhere but in my head or in my wallet for the credit cards. Only have the one debit card. Why would anyone want to store this stuff anyway? Has the human race became so dependant on technology that they can't remember a simple password? Guess I'm a little old school when it comes to this stuff. And im only half the age of most of you guys.
|
|
|
|
|
Logged
|
|
|
|
|
Serk
|
|
« Reply #11 on: February 01, 2015, 09:26:33 AM » |
|
I wont store passwords or credit card numbers anywhere but in my head or in my wallet for the credit cards. Only have the one debit card. Why would anyone want to store this stuff anyway? Has the human race became so dependant on technology that they can't remember a simple password? Guess I'm a little old school when it comes to this stuff. And im only half the age of most of you guys.
Couple points: -If it's a "simple password" it's probably too simple. -If it was a SINGLE password, not a problem, but I've got around 100 different passwords I have to maintain for various sites, systems, servers, domains, etc. etc. etc... And for proper security they need to be different and complex to avoid a dictionary attack or a cross site attack if one is compromised. They also need to be periodically changed to not become stale. So, with that in mind, putting all your eggs in one basket, and making sure it's an armor plated secure basket, is one of the best courses of action you can take. |
|
|
|
|
Logged
|
Never ask a geek 'Why?',just nod your head and slowly back away... IBA# 22107 VRCC# 7976 VRCCDS# 226 1998 Valkyrie Standard 2008 Gold Wing Taxation is theft. μολὼν λαβέ |
|
|
BudMan
Member
Posts: 628
"Two's in."
Tecumseh OK
|
|
« Reply #12 on: February 01, 2015, 10:04:51 AM » |
|
I've used RoboForm for many years and have had no issues. It works great across multiple machines and platforms, laptop, home computer, phones, and public computers if needed. I haven't done it, but it can also go a secure thumb drive.
Personally, I would never use a free password vault. I have that nagging thought all the time; "Where's the money for this coming from?"
|
|
|
|
|
Logged
|
Buddy
Tecumseh OK
MOOT# 263
VRCC # 30158
1948 EL Harley
2013 F6B Delux
"I rarely end up where I was intending to go, but often I end up somewhere that I needed to be,"
Dirk Gently; Holistic Detective
|
|
|
|
vanagon40
|
|
« Reply #13 on: February 01, 2015, 11:56:19 AM » |
|
I use LastPass no complaints with it either. Works with all browsers.
+1 |
|
|
|
|
Logged
|
|
|
|
|
bassman
|
|
« Reply #14 on: February 02, 2015, 07:00:23 AM » |
|
Thanks all for the usual excellent input....MUCH appreciated !
|
|
|
|
|
Logged
|
|
|
|
MarkT
Member
Posts: 5196
VRCC #437 "Form follows Function"
Colorado Front Range - elevation 2.005 km
|
|
« Reply #15 on: February 02, 2015, 09:02:57 AM » |
|
Wow. Can't believe all you guys using a pw manager. Seems to me using the same utility as groups of people for the purpose of security, lessons the number of methods hackers have to use to get your passwords and thereby makes you more vulnerable. Even if encrypted, where do you keep your key? What if the hackers get your key? All of your pw's are then compromised.
Yeah I'm paranoid. Have been ripped off a couple times, once by a hacker in my local club who trashed my website because I was sloppy and used the same pw for the club access as my admin pw to my website. He was (is) an ahole, and after a conflict, he hacked my site and caused an overrun of my assigned resources causing a DOS crash - took me a week to find and fix the problem and it's source. Went to press criminal charges but the FBI wasn't interested because monetary damage couldn't be proven to be over the threshold which IIRC was $10k at the time. This was years ago & I still owe him payback.
I do NOTHING in the cloud. Just do some reading on privacy and intellectual property abuses, from even big companies like Google. I keep no passwords anywhere they can be accessed, including on my phone (what if it gets lost). There is no auto-pw fill-in activated on my phone or computers. All uses of passwords - only if the website is https when I enter it. All of my passwords are rated "high security". They are kept in a manually-edited file that is local only, encrypted, and with it's name and store location changed frequently. The key is written nowhere. Yep the file is backed up, and the backups are treated with high security.
|
|
|
|
« Last Edit: February 02, 2015, 10:16:07 AM by MarkT »
|
Logged
|
|
|
|
Valkpilot
Member
Posts: 2151
What does the data say?
Corinth, Texas
|
|
« Reply #16 on: February 02, 2015, 09:55:18 AM » |
|
Wow. Can't believe all you guys using a pw manager. Seems to me using the same utility as groups of people for the purpose of security, lessons the number of methods hackers have to use to get your passwords and thereby makes you more vulnerable. Even if encrypted, where do you keep your key? What if the hackers get your key? All of your pw's are then compromised.
Yeah I'm paranoid. Have been ripped off a couple times, once by a hacker in my local club who trashed my website because I was sloppy and used the same pw for the club access as my admin pw to my website. He was (is) an ahole, and after a conflict, he hacked my site and caused an overrun of my assigned resources causing a DOS crash - took me a week to find and fix the problem and it's source. Went to press criminal charges but the FBI wasn't interested because monetary damage couldn't be proven to be over the threshold which IIRC was $10k at the time. This was years ago & I still owe him payback.
I do NOTHING in the cloud. Just do some reading on privacy and interrectual property abuses, from even big companies like Google. I keep no passwords anywhere they can be accessed, including on my phone (what if it gets lost). There is no auto-pw fill-in activated on my phone or computers. All uses of passwords - only if the website is https when I enter it. All of my passwords are rated "high security". They are kept in a manually-edited file that is local only, encrypted, and with it's name and store location changed frequently. The key is written nowhere. Yep the file is backed up, and the backups are treated with high security.
KeePass is not cloud based. It has a very strong encryption methodology, stronger than most document encryption schemes and certainly stronger than Windows or Office doc password protection. The master password is the only password I must remember (although I do remember a few others.) The master password is not written down anywhere or stored in any file. Like Serk, I've got more than a few passwords to keep track of. I also need electronic access to frequent flyer and hotel account info, my family's SS information, my mother's financial information, my own financial information, etc. KeePass locks all of this away in one place, stored where I choose to store it, but available on all my devices. In 2011, I made a significant purchase from what turned out to be a fraudulent seller on eBay. I eventually got all my money back thanks to both eBay and PayPal, but my e-mail account came under attack, I assume by the fraudulent seller. At the time, I was in the habit of using the same password in some combination for virtually everything I did online. I quickly realized how dangerous this was and spent several evenings tracking down various accounts and creating unique passwords for each of them, starting with those most important from a financial risk standpoint. That's when I started using KeePass, because all these unique passwords were beyond what my pretty good memory could reliably keep track of. If you pick the right one, using a password vault is safer than you might assume. KeePass recommended by Kim KomandoKeePass security details |
|
|
|
« Last Edit: February 02, 2015, 10:04:19 AM by Valkpilot »
|
Logged
|
VRCC #19757 IBA #44686 1998 Black Standard 2007 Goldwing |
|
|
|
Serk
|
|
« Reply #17 on: February 02, 2015, 10:02:44 AM » |
|
I used to work for a very large EXTREMELY security conscious company (some would say paranoid) (As in IT security WAS their business... You've heard of them and probably have some of their products on your computer.)
They ran PwdSafe through their own internal audits and deemed it secure and tough enough to be approved for usage of their own internal passwords and security information.
That was all the convincing I needed...
|
|
|
|
|
Logged
|
Never ask a geek 'Why?',just nod your head and slowly back away... IBA# 22107 VRCC# 7976 VRCCDS# 226 1998 Valkyrie Standard 2008 Gold Wing Taxation is theft. μολὼν λαβέ |
|
|
|
