If you use a different username on every site, how do you keep track of it?

Discussion in 'privacy problems' started by DesuMaiden, Jun 26, 2013.

Thread Status:
Not open for further replies.
  1. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    This is how I do it:

    I save all account information on a Word doc in the following format:

    Site's name: Wilderssecurity
    Site's url: https://www.wilderssecurity.com/
    Username: ComputersRock
    Password: ad654&%$&^&^
    Sign up email: ad654&%$&^&^@gmail.com
     
  2. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
    I use Lastpass.
     
  3. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    All data is encrypted in KeePass database.
     
  4. woomera

    woomera Registered Member

    Joined:
    May 21, 2004
    Posts:
    211
    lastpass!
     
  5. Warlockz

    Warlockz Registered Member

    Joined:
    Oct 30, 2008
    Posts:
    642
    Lastpass for misc firefox browser profile, and keepass for personal firefox profile like important logins

    Edit, I use Profile switcher addon to easily switch between profiles
     
  6. parsec

    parsec Registered Member

    Joined:
    Aug 2, 2011
    Posts:
    68
    Location:
    /local/galaxy_cluster/milky_way/sol_system/earth
    Another LastPass user passing by.
     
  7. SirDrexl

    SirDrexl Registered Member

    Joined:
    Apr 14, 2012
    Posts:
    545
    Location:
    USA
    KeePass. I add custom fields for "Email Address" (obviously, the email address associated with the account) and "Lifetime" (how long between password changes).
     
  8. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    In my head.
     
  9. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Head for truly important passwords, LastPass for headache relief and forgetfulness.
     
  10. klarm

    klarm Registered Member

    Joined:
    Apr 7, 2012
    Posts:
    23
    Location:
    europe
    Hi,

    I use notepad .txt that I fill with data, and keep it encrypted using 7zip (AES) :D .

    For some of the forums I use secure login add-on (with pass). I know this might not very secure but there is no other way for me cos It would be to difficult/time consuming to open/type every time.

    also I use cookie manager backup/restore function when I open FF, for a few sites I use, cos everything is flushed after I close FF, and this option is very useful to me.
    cheers.
     
  11. Pinga

    Pinga Registered Member

    Joined:
    Aug 31, 2006
    Posts:
    1,420
    Location:
    Europe
    There's a portable utility called MemPad that is most useful for note-taking, shopping lists and what not. It offers password-protected encryption:

    http://www.horstmuc.de/wmem.htm
     
  12. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    I use KeePass portable and it works great
     
  13. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
  14. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    Another vote for MemPad!
     
  15. Snoop3

    Snoop3 Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    474

    Keepass/KeepassX does all of this, has portable + cross platform versions (including Linux + Mac OS), is open source, is password protected, has a password generator, and doesn't call out to the internet so no tracking or cloud worries. Only downside i can think of is that it doesn't auto-fill forms.

    http://portableapps.com/apps/utilities/keepass_portable

    http://www.keepassx.org/
     
    Last edited: Jul 23, 2013
  16. wallpapers

    wallpapers Registered Member

    Joined:
    Jun 15, 2012
    Posts:
    42
    I use keepass. And I use it right. Using global autotype keybaord shortcut is painless. Lastpass seems to have some security issues :ninja:
     
  17. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Give me an example outside of that securely salted database theft.
     
  18. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    I think Lastpass can be dangerous for non security oriented person.
    Lastpass stores database on their server and because of that everyone who know your login details to LP db can easily theft ALL your passwords stored there.
    Case study: Your friend (Jim) is not computer person, one day he asked/or just search by self how securely store and manage password he use to log in to: private and company mail, several forums, 3 banks accounts in different banks, mobile phone provider website, services like yt, flickr, etc, etc.
    Summary he has over 40 different passwords to remember.
    He read that Lastapass offers security of his passwords and he will have to remember only one to access to all database.
    Everything worked fine for several months but one day keylogger has been installed on his computer - he didn't know about it, he uses AV but this time no alert was given.
    Next day he logged in to Lastpass as usual few hours later he received mails from administrators of forums where he had accounts with infromation that your account had been blocked because he was sending spam.
    He noticed also all his mails had been deleted and he stored there important information about new financial project for his company.

    What happened?
    Attacker via keylogger intercepted only one login and one password which gave him access to ALL database with Jims' passwords and access to all of his 40 accounts.
    Thats because database wasn't stored localy but on server where everyone can access if have proper login/pass.

    With KeePass in this case scenario situation is simple - even if (secure desktop feature) attacker intercept password - it will be one password because he don't have physical access to password database which is stored on your computer or usb drive or other external drive.
     
  19. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Yet the user is secure enough not to get data theft malware, RAT, or a zombie PC. Plus the keylogger has to be installed during manual log in of LastPass. Then there's two-factor authentication, one-time passwords, on-screen keyboard, etc.

    Really, no password manager is secure in the hands of an insecure person. Heck, they could put the database and password in plain text within a flash drive left out there somewhere.
     
  20. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    scary stuff... but predictable? what's the point of keeping all passwords with a online service that God knows who can access (a hacker using a intercepted user and pwd, anyone from the company that have access to the DB, anyone that one day successfully hacks the DB, anyone that the company wants to share the info with...)? that's just crazy imo o_O
     
  21. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    You are right and this is why I use KP instead of LP or other alternatives which offers storing my password db in the cloud.
    Remember one thing - with increasing level of comfort, safety decreases.
    And it apply not only to computer security terms.
     
  22. c2d

    c2d Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    570
    Location:
    Bosnia
    Same here
     
  23. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Before thinking about absurdity, it's important to not forget about the user. Government snooping aside, LastPass can be made very secure and the company is accountable for their actions (not to mention trustworthy so far).

    Also, nobody is forcing you to put everything online, that applies for passwords as well. I simply put the vast majority non-private passwords where it's most convenient, but sufficiently secure.
     
  24. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    +1 for Keepass.

    It will auto-type the correct user name and password for you for the active window at the press of a hotkey (assuming you filled in the site/window title correctly when you made the original password entry). I also use Keefox plugin with it which auto-completes the login fields of sites you visit (although you still need to click the actual login button). It's available on Windows, Mac, Linux, and Android so I can use my passwords on any system or device.

    I keep my password database in dropbox so I can access it anywhere, but it requires a keyfile (+ password), and the keyfile I of course only keep on local hard drives of my computers and mobile devices.
     
  25. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    Guess I am old school. I keep most important passwords in my head. Others which need to be maintained on a system I keep in a hashed file inside a serpent-256 TC container.
     
Loading...
Thread Status:
Not open for further replies.