Password Manager Recommendation?

Look at post #12, second picture.

If you select Override default sequence, and delete {USERNAME}{TAB}, it should work.

 

The only problem with that, is when logging in for the first time during a session - it requires both username and password. Sometimes only a password is required to continue (ie. placing an order via Amazon, or re-entering your Google password after an extended period of time being logged in), and there is no username field to type into. So the username and password combo is still required for initially logging in, but only the password is required for performing certain tasks after being logged in.

 

Oh... OK.

You could try to add {PASSWORD}{ENTER} where it says Use custom sequences for specific windows.

Make sure you target those windows you want, where you only have to enter the password.

Another solution that I can think of, without looking at KeePass settings, would be to create a new entry in your KeePass database file for those services where you sometimes only have to enter the password, and then do as I mentioned in my previous post.

 

Right you are.

i remember having this issue with SBie as well.

no security without inconvenience i guess.

 

Does ChromeIPass extension work?

 

Thanks for the confirmation.

 

I will probably be trying that later and will let you know. Thanks.

Edit in: I'm gonna pass. Reason being the increased attack surface with every added extension.
As stated in the Cracking Open Chrome article last week, researchers stole data from LastPass when they took over a different extension and then used it to open new tabs. This gave them the ability to see the password info inserted by LastPass. Okay, I'm using KeePass, not LastPass, but still I'm not comfortable with the vetting Chrome does on its extensions. Call me cautious, call me paranoid.

 

That was a good read, thanks for posting!

I'm definitely happy with KeePass, and I'm honestly glad I switched. I've traded some convenience for a lot more security and peace of mind.

 

I installed KeyScrambler recently.
One of the reasons was for new data entry and editing in KeePass.
Unless I missed it in the documentation, I don't think these processes are protected by KeePass.
With KeyScrambler (paid) they are.

 

just make sure you use the 'Double Channel Obfuscation' option for Auto-Type.
regular Auto-Type is captured by keyloggers while Copy and Paste operations are captured by clipboard loggers.

Drag & Drop is protected from both key and clipboard loggers.
is there such a thing as a 'Drag & Drop' logger??

 

Yep, good advice, per images posted earlier in this thread.
Make sure to use secure desktop feature and two-channel auto-type obfuscation.

Excellent question, and quite a name.

 

i know it's not free

but does someone use roboform 7.4?

 

just bought Password Depot.

for me, it's the best i have tested so far, security and feature wise.

it's not cheap but you can use the trial version indefinitely if you have 20 passwords or less.
i tested it with the SpyShelter 'Anti Test' utility and PD defeated all the keylogging and Clipbpard logging tests.
--------------------
S10 Password Vault is free (donationware) and almost just as good as PD.
it does not protect against Clipboard loggers (Copy & Paste operations) but all Auto-Type operations are protected from keyloggers.

 

hi
is better then roboform ?
thanks

 

Yes. Absolutely. It's the best money I've ever spent on software. I've tried all these others and to me, after being a longtime user of Roboform, none of them come close. I always come back to Roboform and for me, there's really no use trying others anymore. I'm set.

 

i could not say.

from what i gather, Roboform is a browser add-on.
somebody correct me if i'm wrong.

personally, i would rather use a 'stand-alone' product instead of a browser add-on.

different strokes for different folks and all that.
----------------------------------------------------
edit:

just downloaded the USB version.
there does not seem to be any way to create custom fields, unless i'm blind or something.

 

Roboform is a good password manager /form filler ,there is no disputing that, but be aware that the company has past form, reneging on its upgrade policy to previous customers ,and that they also have form not supporting browser plugins in previous versions,essentially making the software useless while cynically implying that you can use the previous version "forever". So if you do choose roboform ,be prepared for paying for upgrades that are essentially bugfixes and for the privilege of having browser support.
....................................
https://www.wilderssecurity.com/archive/index.php/t-288309.html

b2carey_siber
January 20th, 2011, 04:54 PM
All,

I understand some of the frustration from the users, but I would like to clarify a few things, answer some of your FAQs from these posts, and to allow you to see Siber Systems' point of view.

Do You have to Upgrade?

No. RoboForm 6 is still available and your are not forced to upgrade at all. Just install the latest version of RoboForm 6 and you can continue to use it forever.
......................................