Do not use password managers that store your data in their company infrastructure (Norton).
Do not pay any fee. What if they close up shop and you no longer have access?
Word and Excel passwords take under 1 second to bypass, no matter how long or complex.
To see how long it takes to determine your master password, go to passwordmonster d0t com. That is an offline too that will show your 14 character password is close to worthless, especially if you use any words that appear in a dictionary, lists, language, acronyms, etc.
Using a zero for the letter "O" does not help. Password cracking tools know that trick.
Thinking a hacker won't look at every file on your PC or in the cloud is how the horror stories begin. Security by obscurity is foolish advice.
Choose a password manager that is open source and peer reviewed.
Use a long master password. In today's world, that is at least 30 characters.
There are smart choices in password selection. Do not use these, but which password would be more secure? Which can you remember? eTC82^9wn$j7 Dun/kinDon/uts?
For the web site passwords you store, the tool must be able to easily generate long passwords for you. Since it will feed that password to the site, who cares how long it is, or what complex character set it uses.
Password manager should be able to store the file wherever you want. Locally, or in the cloud. If you pick the cloud, it has to be safe to access from multiple devices concurrently. So it would have a sync function, not be a file that is held locked because it's "open".
The master database needs to be absolutely secure, so if anyone gets a copy, it's useless because your master password makes it secure.
I use Keepass. It exceeds all of the above.
|