[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Password Management Tools

Posted on 2014-08-03
22
Medium Priority
?
356 Views
Last Modified: 2014-08-11
hi all
i'm looking for password management tools to save all my id & passwords for banks , &  other requirement in secure & safety places against hackers
i have iphone , but i worry to save it inside if no secure place
any advice
0
Comment
Question by:NiceMan331
  • 8
  • 5
  • 4
  • +2
22 Comments
 
LVL 10

Assisted Solution

by:Scott Thomson
Scott Thomson earned 668 total points
ID: 40238338
It's called paper. hackers have a very hard time accessing this. its wifi secure and no maleware can attack it :P

Ok now for real.
and in theme with the above no hacker can access something that is off network. so if you have an old pc that has no internet access then this is a good idea.

Everything from the NSA to TOR and even SSL is being hacked these days. Hell I read an article where some geniuses hacked the firmware on a usb in the way it reads and sends data meaning it is capable of being infected with no way of knowing.

really there are many programs that work well but the key is to
1. use a strong password
2. Use a long password
3. Do NOT use your cat/dog/son/wife as any form of password
4. Do not ever use the same passwords for multiple accounts

The danger about "wallets" which store multiple passwords is that if you get the 1 wallet password you get the bonanza to all passwords.

There is no real easy solution here for you. but you can reduce the risks.
0
 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 40238373
Scott Thomson has made some excellent points.  That said, you need to balance security with ease.  If possible, use nothing.  You brain cannot be lost, hacked (practically speaking), or copied.  

Change passwords regularly, but I use a tool called KeePass 2 - it's free and does a lot of things to protect your password, including never displaying the password unless you explicitly request it be displayed, you can copy it to your clipboard without viewing it and then a timer expires the clipboard so it's never residing in memory very long. My master password is not a password, but a pass phrase that's well over 30 characters long.
0
 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 40238379
Oh, and KeePass offers ports on multiple platforms - I save my KeePass database to OneDrive and can access the database from my Android Cell phone, Windows laptop, Windows desktop, Surface tablet, Windows Tablet, and Android tablet so I don't have to maintain multiple databases.  There is a version for iPhone, but it's poor at best because you can't tell it to use the "shared" database (just the way apple likes you to work).
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 

Author Comment

by:NiceMan331
ID: 40238461
ok thanx to both
by the way , i'm already regular customer for : bitdefender total security
it has one available product in my purchased bakage named : security wallet , it can save all passowrds , but i not yet use it because i still worry about it , do you think that it is usefull to use it ?
0
 
LVL 24

Assisted Solution

by:Eirman
Eirman earned 664 total points
ID: 40238476
The best online solution I have come across is Lastpass
https://lastpass.com/

Nevertheless I still wouldn't recommend using any online solution for hyper-critical passwords such as paypal and banking.

I've attached my easy-to-remember passphrase guide
Passphrases.txt
0
 

Author Comment

by:NiceMan331
ID: 40238489
Eirman , good quidness to create secured password , but still my brain cann't remember all of them , don't forget that i want to save also the user names for all sites
0
 
LVL 24

Expert Comment

by:Eirman
ID: 40238649
I have been researching this further (for my own security)

This is a really excellent free local password manager ....
http://passwordsafe.sourceforge.net/

If you want to use your data from passwordsafe online try this
http://www.axantum.com/Xecrets/Default.aspx

(Axantum created the very useful and free AxCrypt encryption program)
0
 
LVL 5

Expert Comment

by:Sean Jackson
ID: 40239534
I use 1Password by Agile Bits, and I swear by it.  It creates all my passwords for me, I can monkey with the recipe (how many symbols, how many numbers, and length of password), and then I don't have to remember a single one (except for my 24-character passphrase to get into 1Password).  I am able to port it over to my phone, so I can have all my passwords there too.  It also has secure notes, so I can put notes in there, get them from my computer or my phone, and they're protected as well.

I love it.
0
 

Author Comment

by:NiceMan331
ID: 40243049
let me think well about using online store , or keep it manual paper in my pocket
0
 

Author Comment

by:NiceMan331
ID: 40250349
hi to all
i think i will get advice of manual writing of password , more safety than be online saving
but i would like to thank all experts who posts here
now i'm in trouble , how do i distribute the points , admin please help me
0
 
LVL 97

Accepted Solution

by:
Lee W, MVP earned 668 total points
ID: 40251386
I would suggest that you also look at the priority of your passwords.

Bank and credit card passwords and those to pay bills need to be protected more strongly than the password you use to log in to most forums.  

The other thing you can do is NEVER store the ENTIRE password - use a program and save the passwords, but then always leave off the last two characters of the password - memorize those.  Anyone gets hold of the file, they think you've changed them all, not that they have to guess two more characters to get in.

Finally, DO NOT use the same password for every site or even a class of sites (PERHAPS except for low priority sites).  Meaning if you have two bank accounts, use two COMPLETELY different passwords (not the same one for all your bank accounts but different for your email).
0
 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 40251387
As for points, distribute them based on who gave you information you found valuable.  If someone posting something that wasn't helpful AT ALL, they deserve nothing.  If you got useful information, figure out how useful it was and award SOME points, the more useful, the more points.
0
 
LVL 24

Expert Comment

by:Eirman
ID: 40251755
The other thing you can do is NEVER store the ENTIRE password - use a program and save the passwords, but then always leave off the last two characters of the password - memorize those.
Great suggestion Lee
0
 
LVL 10

Expert Comment

by:Scott Thomson
ID: 40252503
^ yes I agree. or pick a letter like "e" and when you enter your password replace "e" with a fake letter like "g" that way every password you have is "incorrect" yet when read by yourself again you can easily decrypt them. this is what we call "old school encryption" haha

that way the amount of time required to guess your passwords and attempts will lock any account long before they manage to get the pattern
0
 
LVL 24

Expert Comment

by:Eirman
ID: 40252775
+1 for the collective EE brain.
0
 

Author Comment

by:NiceMan331
ID: 40252956
scott
very good advice
thanx
0
 
LVL 10

Expert Comment

by:Scott Thomson
ID: 40253246
Happy to help ^_^
0
 

Author Comment

by:NiceMan331
ID: 40253329
Can you help me to memorize letter to letter , as your example e=g etc
0
 
LVL 10

Expert Comment

by:Scott Thomson
ID: 40253704
Oh its not change ALL the letters. Maybe just 2 common ones..

Make each password have at least 1 of these letters

Perhaps sounding similar
A > k
E > c
Theres no need to change all letters.. thats grand overkill.. just 1 or 2 at most I would say.
0
 

Author Comment

by:NiceMan331
ID: 40253734
Ok , I got it , thanx
0
 
LVL 10

Expert Comment

by:Scott Thomson
ID: 40254895
That way you could even store them in plain text (I wouldn't suggest it) but if they are found they are still at least 10,000 combinations to be tried (with lets say 6 digits) before they might guess it correctly.
0
 

Author Comment

by:NiceMan331
ID: 40254953
i will use ms access database to store them in
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
MSSQL DB-maintenance also needs implementation of multiple activities. However, unprecedented errors can hamper the database management. In that case, deploying Stellar SQL Database Toolkit ensures fast and accurate database and backup repair as wel…
XMind Plus helps organize all details/aspects of any project from large to small in an orderly and concise manner. If you are working on a complex project, use this micro tutorial to show you how to make a basic flow chart. The software is free when…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

868 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question