Do you use a Password Manager software? If so, chime in!
I noticed on /. that LastPass was hacked and was looking for a few other recommended pw mgmt software packages. In the past, I have used the pw excel spreadsheet (I know, dumdumdedumdum!) but I guess its better than in notepad or Word w/o any sort of pw to get into it.
https://it.slashdot.org/story/17/03/22/2310231/lastpass-bugs-allow-malicious-websites-to-steal-passwords
In the meantime, I have found another article on some of the most popular, according to PC Mag:
The Best Password Managers of 2017 | PCMag.com
And a few co-workers/friends of mine have recommended these:
KeePass Password Safe
https://pwsafe.org/
https://www.password-depot.com/
https://safe-in-cloud.com/en/
Just thought I would share and possibly get your "expert" opinions, because...YES, they matter!
Cheers & HI5!
https://it.slashdot.org/story/17/03/22/2310231/lastpass-bugs-allow-malicious-websites-to-steal-passwords
In the meantime, I have found another article on some of the most popular, according to PC Mag:
The Best Password Managers of 2017 | PCMag.com
And a few co-workers/friends of mine have recommended these:
KeePass Password Safe
https://pwsafe.org/
https://www.password-depot.com/
https://safe-in-cloud.com/en/
Just thought I would share and possibly get your "expert" opinions, because...YES, they matter!
Cheers & HI5!
CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP
Comments
-
CyberSecurity
Member Posts: 85 ■■■□□□□□□□
I still use LastPass mostly because it was just a vulnerability from what I read instead of an actual break-through-encryption type of hack. Basically if you visited a malicious site, the exploit would fake a site hopefully stored in your lastpass records (yahoo or gmail.com) and automatically type in the info into the username and password field. You can prevent this by turning off the Auto-fill function and ensuring you're at the correct website before using the more manual fill feature.
I'm going to check out the other ones you've posted though; Thanks for sharing!Ph.D. IT [UC] - 50% complete
M.S.C.I.A. [WGU] - Completed 6/2018
B.S.I.T.M. [WGU] - Completed 4/2017 -
paul78
Member Posts: 3,016 ■■■■■■■■■■
I've always used Keepass locally. I don't believe in using cloud-based password vaults as a rule. -
JockVSJock
Member Posts: 1,118
Been using Password Safe for over 3 years now.
Have nothing but great things to say about it.***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)
"Its easier to deceive the masses then to convince the masses that they have been deceived."
-unknown -
rob42
Member Posts: 423
To be honest, I don't understand the need for a password manager. It's very easy to come up with your own 'password system' that is both easy to remember, yet very strong (in terms of 'crackability').
The first rule has to be: Don't tell ANYONE what your system is. Using any kind of Password Manager is going to give someone a starting point. Why would you give anyone that kind of a lead?No longer an active member -
PlayDoh72
Member Posts: 13 ■□□□□□□□□□
Our company uses Thycotic Secret Server. It's very secure, has very granular controls and outstanding auditing / reporting features. It's a little expensive, but if ever an incident arrives and we have to go before our board or a panel of lawyers, we can say we purchased a backed, enterprise-level solution from a reputable vendor and not "hey, we got this free thing from the net!" -
PocketLumberjack
Member Posts: 162 ■■■□□□□□□□
I use LastPass. It is constantly under review by security researchers, like Tavis, and it has been patched every time an exploit has been found in a very timely fashion. I love that I only need to remember 1 very strong password and then I have very strong passwords everywhere.Learn some thing new every day, but don’t forget to review things you know.
