[elevatorman]

Quote:

Originally Posted by sdeikenberry

Kaspersky has long been a trusted name for anti-virus protection and they also offer a password manager that is very good. I've used it for some 10 years now along with their anti-virus, and I have never had any issues. I also have the extension installed on Chrome and my password protected websites open automatically with the master password. Your master password is not stored so you have to remember that one. The Kaspersky Total Protection software is outstanding IMHO.

I don't trust the Russians.
Laboratoriya Kasperskogo) is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky, and Alexey De-Monderik; Eugene Kaspersky is currently the CEO.

[fsusix]

I use one password - got the info from a person that ran a computer company. I love it and sure has simplified my life .

[retiredguy123]

Having a password manager app is like having a safe in your house. A thief knows that, if they break into the safe, they will find something of value. But, if you hide your passwords in a document that only you know exists, it is very difficult for a hacker to find it.

[GizmoWhiskers]

Quote:

Originally Posted by retiredguy123

I don't trust them. I list all of my passwords on an MS Word document that requires a password to open. If I forget a password, I can use the document to find it. The Word document is on my Google Drive which can be accessed from anywhere.

Same but not out there in a cloud or on Google Drive. Mine are in a coded form and my kids have a hand-written list of the codes to de-code them should I croak.

[rsmurano]

Apple doesn’t take security serious? WHAT? Didn’t apple withhold info to the fbi on how to hack in to the iPhone? Google would have easily broke down and would have given the Chinese and the fbi your info.
2 factor authentication along with iCloud Keychain if you are an all apple environment.
If you use windows, you are already hacked!

[jimkerr]

Quote:

Originally Posted by Michael G.

I been tempted many times to use one of the password managers that are available.

My son works out of his house for a national bank, and keeps reminding me
they can and known to be hacked and recommends against them.

Your Thoughts

Yes, it’s a great option! I use 1Password. It’s secure.

[Wallenpaupack]

1Password

[Ptmcbriz]

Apple has never been hacked. That’s why the FBI needed Apple to show it how to get into an iPhone. Apples iCloud Keychain password assignment is random digits that are encrypted stored at Apple, and to get into your Keychain you need face recognition. It also triggers all apps and websites that use facial recognition to be activated for that added layer of security.

[asianthree]

Quote:

Originally Posted by Michael G.

I been tempted many times to use one of the password managers that are available.

My son works out of his house for a national bank, and keeps reminding me
they can and known to be hacked and recommends against them.

Your Thoughts

So your son works for nation bank and reminds you they have been know to be hacked. You are questioning his insight, with non entity on a public site, in hope someone will give you the answer you are looking for.

So our son’s roommate from college works independently for multinational companies, finding hidden finances, from those who don’t want to be found.

On his last visit, he said no password manager or not is beyond being hacked if someone chooses to do so. He suggested address book (yes paper) Change passwords monthly on important banking/credit accounts. No password should be close to the next.

To prove his point using his computer he accessed 3 of our accounts within 15 minutes.

So his view on password managers is, Thank you for using them, I just need to get into that account to open every account you have on that manager app

[daniel200]

I do not trust password managers (like 1password) that store your data in the cloud. When you allow that, you are trusting that any and every employee of that company and several unknown companies are trustworthy. All it requires is one rogue software engineer to introduce some code that allows them to access your cloud data. All software companies today use code libraries created by other companies … so your 1password app has code created by multiple companies. These code libraries are constantly being updated which makes it relatively easy for the rogue employee to interject something nefarious.

Instead I choose to use a password manager (like keepass) that only stores the data locally. I can easily manually synch the data across devices. I have several hundred passwords stored this way.

[Altavia]

Quote:

Originally Posted by rsmurano

Apple doesn’t take security serious? WHAT? Didn’t apple withhold info to the fbi on how to hack in to the iPhone? Google would have easily broke down and would have giv n the Chinese and the fbi your info.
2 factor authentication along with iCloud Keychain if you are an all apple environment.
If you use windows, you are already hacked!

For sure.

Home grown "creative" kinds of password mental gymnastics to manage passwords are flawed and not helpful to the average user who likely is using the same password on multiple sites.

For the average person, Password managers make it easy to keep your passwords safe, secure, complex, unique and easy to use.

[spinner1001]

Quote:

Originally Posted by rsmurano

Apple doesn’t take security serious? WHAT? Didn’t apple withhold info to the fbi on how to hack in to the iPhone? Google would have easily broke down and would have giv n the Chinese and the fbi your info.
2 factor authentication along with iCloud Keychain if you are an all apple environment.
If you use windows, you are already hacked!

If one is using Apple’s built-in password manager, KeyChain, on an iPhone, one’s passwords are protected by only the phone’s passcode that opens the phone’s screen. A bad actor looking over the shoulder of an iPhone user in a restaurant, bar, airport, and so on can observe the user entering their phone’s passcode, which opens the phone’s screen and KeyChain passwords. After a bad actor knows the phone’s passcode, they could take the phone by theft or robbery and now they have access to all the iPhone owner’s passwords stored in KeyChain. Google’s Android phones have a similar risk.

Here is a newspaper story about this kind of risk on phones and the technology limits on basic phone security:

A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life - WSJ

Reputable pay password managers offer stronger protection than the free built-in Apple and Google password systems at least on mobile devices. Whether one wants extra protection for their passwords is a personal decision.

[spinner1001]

Quote:

Originally Posted by asianthree

He suggested address book (yes paper) Change passwords monthly on important banking/credit accounts.

That system sounds simple and elegant but it isn’t. First, loss of one’s paper address book with the only record of dozens or hundreds of important passwords from forgetfulness, fire, hurricane, and so on could be disastrous to one’s life. Risk of loss of a paper address book with my only record of hundreds of passwords is too high for me. Making a duplicate copy of the address book and storing it in a bank safe deposit box and also changing certain passwords monthly requires going to the safe deposit box monthly is a hassle at least for me and I likely would not keep the second copy up to date.

The less convenient any system, the less likely one uses that system over the long run. For me, there is a trade off between very good password technology protection but not 100% risk free and convenience. Nothing is 100% risk free.

[cphague]

Look at it this way. With this discussion, most of what everyone is talking about is better than most people ever do to protect their online access. All of this makes it more likely that the hacker is going to go to the next person with less security as they do not want to work harder than they have to. So:

1 - For all your sites that have access to information you do not want exposed, you should used multi-factor authentication. Have it send the code to your phone via text or better yet, use an authenticator. Look in the security section of your account on the website to set it up.
2 - For the rest use a strong password (look it up) or a passphrase (even better). Do not repeat passwords or passphrases from one site to the next.
3 - If you like a password manager for your passwords, use it. If you keep an encrypted excel file on Google drive, fine. If you keep it on a USB, gulp...those things go bad and get lost. Just use something other than leaving your passwords laying around. The key is to use something to store your passwords in a secure manner.
4 - Keep your PC and Phone updated all the time with the latest security patches. You don't want someone camping out on your PC or phone grabbing your info.

You'll likely never fully get away from passwords, but where ever you can, use multi-factor authentication.

Quote:

Originally Posted by Michael G.

I been tempted many times to use one of the password managers that are available.

My son works out of his house for a national bank, and keeps reminding me
they can and known to be hacked and recommends against them.

Your Thoughts

[thelegges]

[QUOTE=spinner1001;2247040]That system sounds simple and elegant but it isn’t. First, loss of one’s paper address book with the only record of dozens or hundreds of important passwords from forgetfulness, fire, hurricane, and so on could be disastrous to one’s life. Risk of loss of a paper address book with my only record of hundreds of passwords is too high for me. Making a duplicate copy of the address book and storing it in a bank safe deposit box and also changing certain passwords monthly requires going to the safe deposit box monthly is a hassle at least for me and I likely would not keep the second copy up to date.

The less convenient any system, the less likely one uses that system over the long run. For me, there is a trade off between very good password technology protection but not 100% risk free and convenience. Nothing is 100% risk free.[/QUOTE

How many password does one have? Hundreds thankfully I don’t spend that much time online