13

Passwords.. how do you guys manage yours? I'm one of those who often used the same semi weak password for nearly everything

I'm more than likely going to get a password manager but I have no idea which, do you use any?

Comments
  • 5
    I'm using LastPass, basically, it does what it has to, but their (at least on Android) app is terrible. Often logs out randomly several times in a minute and has some bugs.
    The upside of using a password manager is that I can have 40 chars long passwords without having to remember them, so it's pretty cool.
    Bitwarden is open source and has a self-hosted version, you should check it out definitely.
  • 0
    @marci010101 yeah I've tried lastpass before and I wasn't a major fan, I'll definitely check out bitwarden. I'm also thinking about trying 1Password
  • 2
    Post-it notes with paper shredder encryption. Best password storage the money can buy.

    Jokes aside, I'm still using a mix of KeepassXC and LastPass - still to give BitWarden a proper go.
  • 3
    @theKarlisK nothing better than your password on a post-it note attached to the screen!
  • 2
    I use LastPass with 2FA.

    Chrome extension works well, although iOS doesn’t like to work well when you have 2FA and need to app switch to get the code after you login.
  • 1
  • 1
    I use LastPass to store passwords. I've found it helpful to find a random car in the lot, get the license plate number, and use that with an added key word to provide added strength. It works very well. The key word provides variety so that no two sites have the same pwd, that way if one gets hacked, then only that one gets hacked.
  • 3
    The `pass` (password-store) command is great, especially if you have a PGP smartcard. There are compatible mobile apps and such, though I'm not sure about windows/os x compatibility
  • 1
    I personally use Clipperz: https://clipperz.is
  • 2
    There is also bitwarden https://bitwarden.com/
  • 2
    I used one of the KeePass derivatives, maybe XC. But at this point I have one semi weak password that I use for non sensitive stuff (that I've been using for probably 5 years now), and another fairly strong password I use for sensitive stuff (such as money)
  • 1
    LastPass no question
  • 1
    Norton Password Manager. It's free and you can always count on me if you find any bugs. ;)
  • 1
    Firefox sync 🤷‍♂️
  • 4
    Keepass all the way.

    Proper encryption and not in the browser. Has auto type features which are not limited to the browser.
  • 1
    KeyPass and LastPass fan
  • 1
    Dashlane or LastPass, they work the best cross platform/mobile.

    Also I can suggest Authy for better 2fa management (except for fucking steam)

    The most important keys are managed by keybase for me
  • 1
    Keepass2, works great on all platforms, has many great features and plugins (check out Kee for browser integration, and a sync plugin to share your database across devices), and is completely free.
  • 1
    Bitwarden or 1password
  • 1
    I used LastPass (Premium until they removed virtually any reason to pay for it for a single user) for years. I switched to DashLane last year because I got a premium subscription as part of a Humble Bundle and had heard good things. Probably gonna switch back when this subscription expires...
  • 1
    a big red book with all the rare passwords I keep tight around me. The others I remember and spend a considerable amount of time reiterating them if I don't use them daily. Privately it's three somewhat longish batteryhorsestapler passwords with a variation that is basically the website/place name as salt, just a bit more complicated (I need pen and paper to calculate the password from the name, sometimes I need to try all three passwords till I find the right one, usually I remember the ready calculated pw anyway)

    horribly complicated but I have irrational trust issues towards password managers without any good reason to back it up
  • 1
    Premium LastPass.

    Any thoughts on LastPass vs 1Password? I run Linux at work, but all my personal stuff is Apple.
  • 1
    @BurnoutDV to add to my "big red book": the passwords there aren't in plaintext but hidden in obscurity. I even channeled my non-existing java skill to write a program that hides an alphanumerical password.
  • 1
    KeePass with the DB syncing on a remote server.
  • 1
    I did use KeePass some years ago but it fell into disuse. I see a lot of people haven't tried bitwarden so I'll go check it out. And hopefully I'll stick to some kind of management, because it's sorely needed.
  • 2
    @tokumei There are pass builds for Windows and MacOS. :) I also use it, and synchronize it over my own git server. It's amazing and honestly, I would never trust a centralized service like LastPass. Seems like a super bad idea to store your passwords there. Keepass is another good alternative which is also available across all platforms.
  • 0
    @d4ng3r0u5 I'm thinking either lastpass or 1pass just for the fact it's easy to sync across any device. I have a lot of devices and it's a pain to handle all of them
  • 0
    I am using something like:

    base_password + suffix

    base_password is the same for all.

    suffix is different for every website/login and is based usually on the URL or company name. This algorithm is very basic and is easy to remember, therefore I do not need any password manager (although I am using LastPass for work).
  • 1
    @bone7ord Although a very easy to recognize algorithm. If I notice it on one password I can easily get other creds.
  • 2
    @bone7ord that’s fairly insecure if someone works out the base password.
  • 0
    Choose a word you remember:
    - frontend
    Change it bit to make it more secure:
    - Fr0ntend
    Include symbol and pin
    - Fr0ntend@0901
    And last include a letter related to site or company:
    - Fr0ntendR@0991 (r of Rant)
  • 0
    @Ederbit only if ever a human looks at passwords, this kind of password "algorithm" mostly fends off bots. it's a trade off for less than critical accounts between convenience and security

    if everything is properly hashed, salted, peppered and spiced it should not be a problem. And a single leaked password wouldn't be a concern.
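
Added example, not part of any comment in this thread: a self-audit you can run over your own password list to see whether it follows the base_password + suffix pattern discussed above, and how much of each password a single leak would expose. The vault contents, the function names and the 6-character threshold are assumptions made up for illustration.

```python
# Constructed sample: every password is one base plus a suffix taken from the site name.
SAMPLE_VAULT = {
    "devrant.com": "Tr0ub4dor!dev",
    "example-bank.com": "Tr0ub4dor!exa",
    "mail.example.org": "Tr0ub4dor!mai",
}


def shared_base(passwords):
    """Return the longest substring present in every password ('' if none)."""
    shortest = min(passwords, key=len)
    for size in range(len(shortest), 0, -1):
        for start in range(len(shortest) - size + 1):
            candidate = shortest[start:start + size]
            if all(candidate in pw for pw in passwords):
                return candidate
    return ""


def audit(vault, min_base=6):
    """Flag base+suffix reuse in your own vault (hypothetical helper).

    min_base is an assumed threshold: shorter overlaps are treated as coincidence.
    """
    base = shared_base(list(vault.values()))
    reuse = len(base) >= min_base
    sites = {}
    for site, pw in vault.items():
        # What is left once the shared base is removed is all that protects this site.
        unique = pw.replace(base, "", 1) if reuse else pw
        sites[site] = {
            "unique_part": unique,
            # A suffix that appears in the site name is guessable from the site name.
            "derived_from_site": reuse and bool(unique) and unique.lower() in site.lower(),
            # Fraction of this password already known after a leak elsewhere.
            "leak_exposes": round(len(base) / len(pw), 2) if reuse else 0.0,
        }
    return {"reuse": reuse, "base": base if reuse else "", "sites": sites}


if __name__ == "__main__":
    report = audit(SAMPLE_VAULT)
    print("shared base found:", report["reuse"], repr(report["base"]))
    for site, info in report["sites"].items():
        print(site, info)
```

Passwords generated independently by a password manager should come back with `reuse` set to `False`.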
  • 0
    RoboForm for 8 years. You're all noobs.