Heywood
New member
They've only been breached 2x. Though they stated that no secrets were released...
-
There has been a recent cluster of spammers accessing BARFer accounts and posting spam. To safeguard your account, please consider changing your password. It would be even better to take the additional step of enabling 2 Factor Authentication (2FA) on your BARF account. Read more here.
Password managers - what do you use (you are using one, right?)
- Thread starter TylerW
- Start date
They've only been breached 2x. Though they stated that no secrets were released...
tzrider
Write Only User
Send me your “strongly encrypted word file” and I’ll send you your passwords in clear text.
Kewl Breeze
Minister of Silly Walks
Sort of in between manual and cloud method I use a flash thumb drive as the only place to keep pw's. I'm sure something can happen with that method as well but for me that seems to be the best option to lessen the risks.
p.s. The thumb drive is pw protected so if I forget that pw I'm screwed.
but at least I only have to remember 1 pw.
p.s. The thumb drive is pw protected so if I forget that pw I'm screwed.
but at least I only have to remember 1 pw.
Last edited:
TylerW
Well-known member
Sort of in between manual and cloud method I use a flash thumb drive as the only place to keep pw's. I'm sure something can happen with that method as well but for me that seems to be the best option to lessen the risks.
p.s. The thumb drive is pw protected so if I forget that pw I'm screwed.
Depending on how strong that password protection is, you're only mostly fucked if you ever lose that thumb drive.
However the storage on thumb drives is extremely volatile. I've had tons of them just die on me. I carry around a 64gb drive for sneakernetting files around, but I don't store anything that I can't lose on it. Everything on that drive has a backup in 1-2 other locations.
seadog
Veteran
- Joined
- Sep 4, 2006
- Location
- Benicia
- Moto(s)
- F650, Shiver, RSV4, ST3, Daytona 675, Wee Strom, VFR
- Name
- Kurt
on average I used the same password for every site
but I will include the site name as a differentiator
example
UN: Yakoo752
PW: Pa55w0rdBayAreaRidersForum
This way I only have to remember a short password... is it safe?
probably safer than other things
Had me thinking of Marathon Man.
If it's free, you are the product.
Climber
Well-known member
Free is not good when the only thing your are providing is all of your passwords.
Heywood
New member
Sort of in between manual and cloud method I use a flash thumb drive as the only place to keep pw's. I'm sure something can happen with that method as well but for me that seems to be the best option to lessen the risks.
p.s. The thumb drive is pw protected so if I forget that pw I'm screwed.
This is what I carry. https://www.amazon.com/gp/product/B0138MFM5Y with a wire keychain cable. So far after a couple years still working good.
Last edited:
stangmx13
not Stan
with password managers like 1Password, someone would need your master pw, your device, and your device pw to get access to any pw. then they'd need to use 1Password before you remote-wiped your device or wiped 1Password. pretty much all the other schemes in this thread present more risk, including a doc of passwords and a password-protected flash drive.
none of your passwords are stored in a useable form with 1Password. a malicious entity could have 1Password's entire database and its still useless without your device.
none of your passwords are stored in a useable form with 1Password. a malicious entity could have 1Password's entire database and its still useless without your device.
TylerW
Well-known member
This is a really compelling reason for me to switch. How do the password vaults get synced between devices? I'd need for desktop, laptop and mobile.
What happens if you need to sign in from another computer in an incognito session? Are you calling the vault up on your phone and typing in manually?
easter bunny
Amateur Hour
Is there an product/option to only run the pw vault from a USB drive? literally using a plug in "key" that has to be physically present, doesn't store in the cloud or sync?
tzrider
Write Only User
I think you actually could do that with 1Password.
Hooli
Bonafide
stangmx13
not Stan
1Password has many options for storing your secret key. single device including thumbdrive, iCloud, Dropbox, copies on multiple devices. I dont know all of them, nor entirely how they work. I think Dropbox is the best way to share 1Password across multiple non-iOS devices.
Last edited:
TylerW
Well-known member
Neat. Another chapter in my love-hate saga with Dropbox. I adore the company and their ethics, but I can't stand the product.
Anyhow, thanks for the info. Will have to explore further in a few days.
tzrider
Write Only User
1Password used to require Dropbox for syncing vaults, but you can just use their own cloud sync now. Having done both, I prefer the latter.
easter bunny
Amateur Hour
Do you mean the master password? I'll check it out, but I'm looking for something that requires you to plug in the physical USB drive into the machine, then it prompts you for a master pw, then it works until you unplug it. Nothing stored on the machine, cloud, etc.
Until I started lastpass I was half assing that concept with a pw encrypted spreadsheet with name, pw, url, account number, etc. I'd just like the convenience of auto fill, auto update, and maybe generate.
tzrider
Write Only User
1Password uses both a master password and a key that they generate when you create an account. You need the key when you install 1Password on a new device and you need the password whenever you sign into the app.