How do you remember/store passwords?

Discussion in 'other software & services' started by ltheonestar, Jun 23, 2018.

  1. ltheonestar

    ltheonestar Registered Member

    Joined:
    Jan 17, 2017
    Posts:
    15
    Location:
    Spring, TX
    Hello and greetings,

    I am having a hard time remembering all the various passwords I need to conduct day to day life, for example, banking, email, online shopping, starb****, service provider websites e.g utilities, internet etc.

    I am not a fan of writing them down on a sticky note and pasting them somewhere or writing them in a book.

    Sadly the password standards across each website are vastly different, some allow special characters, some do not, some require caps, others do not. So there is no way to standardize my passwords as well.

    How do you all remember and store your passwords?

    Do you use password managers like Last Pass, or technology like Yubicon key? I was gifted that for the holidays but have no idea what is it etc!!

    I want to create a process to manage my passwords and then even help my other family members do the same.

    Any advice?

    Thanks :)
     
  2. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,004
    Location:
    Member state of European Union
  3. RioHN

    RioHN Registered Member

    Joined:
    Mar 14, 2017
    Posts:
    117
    Location:
    Here
    You should definitely look into password managers to see if they're a good fit for you.
    I currently use KeePass and am really happy with it. I can't comment on a great deal of it's functions as I avoid integrating password managers into browsers or granting any type of internet access. I store KeePass and its database in an encrypted file container which I mount read-only unless I wish to make changes. It runs sandboxed (sandboxie) and is denied internet access.
    I use KeePass to generate and store credentials/security questions/etc for almost every site I use.

    If you do go for an offline password manager just remember to backup your database.

    Yubikey interests me for U2F only, but I'm sticking with standard 2 factor for the time being (freeOTP).
     
  4. ltheonestar

    ltheonestar Registered Member

    Joined:
    Jan 17, 2017
    Posts:
    15
    Location:
    Spring, TX
    Thank you reasonablePrivacy and RioHN

    It looks like KeePass is a good option to consider.

    How does one remember the master password though? Store it somewhere in writing? In the brain? both?

    Also, I read that one can even store the KeePass database on the cloud e.g. GoogleDrive, is that a good idea?

    I too never integrate password managers into browsers.

    How does KeePass work...lets say I am offline in a train and need to get a password, can I access the KeePass database while offline e.g via my smartphone or laptop?

    Thanks :)

     
  5. kaljukass

    kaljukass Registered Member

    Joined:
    Apr 27, 2011
    Posts:
    244
    Why not to use Google Chrome (or chromium based browsers) or Firefox (or fFrefox based browsers), where is password manager already built in. It is also syncronized with webstore, it is also encrypted etc. Not needed for any kind of third party widgets.
    And most important, they are always available, if You use synchronization. Even if You don't use Your own computer or phone.
     
  6. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,004
    Location:
    Member state of European Union
    Provided you encrypt it using strong password, you can store it anywhere. It can be read by everybody and it's ok. I would not grant write permissions, because:
    1. there might be a bug that exploits KeePass (not so likely, but there is a possibility of that)
    2. somebody can damage your database and you lost your passwords

    Database is a regular file. There is some synchronize function, though.
     
  7. RioHN

    RioHN Registered Member

    Joined:
    Mar 14, 2017
    Posts:
    117
    Location:
    Here
    I have a long (around 30 chars) password for the encrypted container and a similar length password for KeePass. I store them in my brain only (have a technique to memorize them) but I would recommend writing them down and keeping them somewhere safe if you're worried about forgetting. You don't have to write "Password for my password manager" above, and you can always get creative and use techniques to throw people off, like having junk characters inbetween password letters: pqavsdsawroeridu. Or a grid with column D being your password when read vertically. You do have to remember the technique you used in these cases though :)

    I copy the encrypted file container (which contains the password database) to dropbox. I do this more as a backup and so that I have access to it if needed no matter where I am. I wouldn't personally store the only copy of the database in the cloud but it is feasible sure.

    I believe you can set up syncing between devices yes. I use KeePass purely offline, so in your position I'd need to have a copy of the database on the laptop. If I only had a smartphone I wouldn't have access as I haven't downloaded an app for it. You have to find your own acceptable balance between security and convenience. There are many cloud based password managers which are likely much easier and more convenient to use across multiple devices. I recommend searching the web for password manager comparisons.
     
  8. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,554
    Location:
    USA still the best. But barely.
    I sit down for 5 min a week & go over them in my head.
     
  9. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    How many (roughly)?

    Do you still use a unique password for every site/service?
     
  10. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,554
    Location:
    USA still the best. But barely.
    Twenty.
     
  11. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    I recommend Bruce Schneiers password safe. Open source, free, uses the twofish encryption he designed and has a software keyboard so no clipboard security issues and its been out there I believe for ten years without anyone discovering a security problem. The database can be stored anywhere you want to store it. I would never use a commercial closed source product for password storage.
     
  12. ltheonestar

    ltheonestar Registered Member

    Joined:
    Jan 17, 2017
    Posts:
    15
    Location:
    Spring, TX
    Thank you :)
     
  13. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,796
    Location:
    .
  14. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,134
    I have all my passwords on a Excel sheet that's on a removable drive.
     
  15. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    630
    Location:
    Germany
    Doesn't Excel make temporary copies of opened sheets in order to prevent data loss if suddenly closed or something?
     
  16. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,134
    Most likely, I have Excel protected by AppGuard.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.