Password Manager

jasonSmith_0xFF · 11 August 2018 15:47

The point of a password manager is to have different passwords for all the services you use.

IT DOEN’T MATTER HOW STRONG YOUR PASSWORD IS IF AN ATTACKER CAN SEE IT IN PLAIN-TEXT.

Each service you use - Google, Twitter, Facebook, Netflix, Amazon, Office-360, this forum, your bank, etc., takes your user name and password to authenticate you. This means that at some point, your password is exposed in plain text to the server. Some services have better “best practices” for password handling than others. In other words, it is a good bet that one of the services you use has weak protections for your password.

If one of these servers is compromised, the attacker now has your password. Not so bad if someone gets into your Twitter account and posts stuff. If you are like me, you have no followers anyway. Someone hacking my Twitter account might actually make me more popular…

But if someone hacks your Twitter password and can then use it to access your bank account and your Amazon Prime, you have problems.

The best practice to compartmentalize services on the web is to use a different password - strong, non-derivative - for every service you access. If you can remember that kind of password or passphrase for every site you visit, please share your memorization method, because that is very cool.

Mickey · 11 August 2018 16:00

I did not know on how many web services you can have an account. I use different passphrases; I have just a password for my PC, one for E-Mail, one for UM Community and one more. Fortunately I can remember every passphrase… still.

I do not have any account you mentioned besides this forum but now I can absolutely retrace your need for a password manager. Thanks for explaining this reason.

Cheers!

Mickey

Leoj03 · 19 October 2018 19:35

Or you could come up with a different random string of letters each time, and hit “Forgot my password” when you forget it, set it to a different random string of letters… repeat as needed. Though that puts everything on your email password.

Oldtom · 20 October 2018 21:58

Have used SplashID on our Mac before making the move to UM.

Moved to Enpass since it’s available for UM (free) and since I use iPhone and iPad, it’s $9.99 (USD) for a lifetime license on the iOS platform.

I was a little hesitant to move over but was able to move all my SplashID records over easily.

It works great, complete control of the data and it syncs fast to the database file (as stated above in Dropbox, Google Drive and iCloud).

As I understand it, they are also working on wifi sync to keep things local like I had with SplashID - hope to see that feature soon.

Take a look…believe it’s worth testing out on your UM machine at the very least!

deanr72 · 21 October 2018 14:18

KeePassX user here, synched to KeePass2 on Android phone

tonyrulez · 20 November 2018 06:45

I’m just here to say how amazing Keepass is I use KeepassXC on Linux, Keepass 2 on Windows, Keepass2Android on Android and Tusk extension in Chrome/Vivaldi. The passwords are saved into a single file which I sync to Google Drive. All apps and the extension pulls the data from the cloud (Linux and Windows the locally synced file, Android and Tusk directly from Drive) so wherever I make a change it will appear on all other devices. Long story short, it’s an amazing, safe, free, open-source and truly multiplatform password manager

Mark_Siggers · 20 December 2018 07:37

Thanks for the tip! I’ve been using KeyPassX, but checked out pass because of your comment, and I love it.