Jump to content
Malice4you

Don't re-use your passwords everywhere!

By Malice4you, in General Discussion

Recommended Posts

Krdshrk    3,877

Krdshrk
Posted
9 hours ago, Kevin125 said:

Use a password tool like Dashlane.  Let it randomize your passwords and remeber them for you.  These tools have some limitations but it deals with the issue of manage passwords and re-use.

Yeah don't use any ONLINE tools - LastPass has been hacked repeatedly.  I use KeePass - it's all kept local and offline, though you can backup the password database to a thumb drive or file backup.  It's encrypted and does help generate passwords.  It won't autofill for you but hey, security over convenience.

Share this post

Link to post
Share on other sites

raz-0    1,259

raz-0
Posted
1 hour ago, Krdshrk said:

Yeah don't use any ONLINE tools - LastPass has been hacked repeatedly.  I use KeePass - it's all kept local and offline, though you can backup the password database to a thumb drive or file backup.  It's encrypted and does help generate passwords.  It won't autofill for you but hey, security over convenience.

Last pass was hacked once that I know of. It compromised your account info and not your encrypted password vault. 

The second "hack" was really an exploit of the browser plug in. 

My $0.02... I'll trust a company that admits rapidly to security issues more than one that claims to have never had one, and WAY more than one that "has never had one" because they have never made a peep on the subject. 

keepass in password mode has been cracked in ~12 minutes with GPU accelerated hashcat.  If it is used in cert mode, it's only as secure as your manual certificate management. 

So.. I pay lastpass to do their best. Which is better than I coudl do on my own with keepass in terms of usability and consistency. 

 

 

  • Like 1

Share this post

Link to post
Share on other sites

raz-0    1,259

raz-0
Posted
14 hours ago, Bklynracer said:

Anybody ever hear of  strikeforce technology? It's a encryption software  

https://www.strikeforcetech.com/

Not really the same stuff as what we are talking about. Their protectID app is a multifactor auth application like duo, safeword, MS MFA, etc. 

Their GuardedID stuff sounds interesting, but I'm not sure how they can avoid vulnerability once code has been executed on the local machine. I think they may be talking out of the side of their mouth trying to imply some protections they can't assure. Some of the stuff it could definitely do, but only if they have access to all your web browsing traffic and keystrokes. 

 

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go To Topic Listing

  • Recently Browsing   0 members

    No registered users viewing this page.



×
×
  • Create New...