View Full Version : Safe to use password management apps?
09-21-2011, 05:08 PM
Now that I've carefully reset all my account passwords with long and complicated characters, it's nearly impossible to remember them all.
I've seen software advertised that will manage passwords, and even my Firefox browser seems to have some kind of "master" password feature.
Is it practical -- and more importantly, safe -- to use password management apps?
09-22-2011, 09:39 AM
I don't use any 3rd party app to store any confidential information.
Instead, I use a tangible (vs virtual) address book and a good old-fashioned pencil to record passwords.
It's small enough to take with me on trips. I carry it onto planes rather than in checked luggage.
10-06-2011, 02:04 PM
I agree. If somebody gets on your computer do you want them to have to just crack one password to get to all your passwords?
Anyway, why do you make them super complicated and hard to remember?
There was an interesting test done that showed the super hard to remember passwords are actually easier to crack than easy passwords.
Basically you take 4 random words, make a sentence out of them (sorta) and add some punctuation (if the site requires special characters) and numbers (if req'd) and your password is now easy to remember but almost impossible to crack.
A very good example that is sorta easy to understand is http://xkcd.com/936/
11-24-2011, 11:52 AM
Of course, everything has trade-offs. What I've found most people (who don't use some sort of password manager) do is use the same password everywhere, which is terrible! I've been using a third-party app for several years called Data Vault. It has Windows and Blackberry/iPhone/Android apps that sync between the desktop and the smartphone. It's true that if someone cracked my "master password", they would have all of my passwords, but it's complex enough that I'm not too worried about that, and it's certainly no less secure than a pen-and-paper pad that someone could find/steal. And above all, it's infinitely more secure than using the same password everywhere!
02-23-2012, 04:24 AM
One word, many uses:
LastPass @ lastpass.com
The password manager used by notable security professionals for doing everything right. It's also free.
If you are really interested in exactly how awesome it is, check out Steve Gibson's (security researcher) analysis:
There is also a very inventive way to generate a secure password without an internet connection:
*No affiliation with Steve Gibson or LastPass but both are highly recommended!
Steve Gibson is known for coining the term "spyware" and has been in the game since the beginning... A great guy to follow. ("Others created the spyware. He just found it.")
LastPass does everything right, from pre-egress encryption to high entropy password generation.
02-25-2012, 02:12 AM
Yes they are very important to use password management apps for security from unauthorized user.
If you use an open-source password manager, you'll be much better off than with proprietary solutions. Try: keepass.info