Password Overload
Jan 10, 2011 | 8:48 am
#31
Join Date: Apr 2008
Location: GEG
Programs: Hilton Diamond, Hertz PC, Delta Silver
Posts: 477
Password overload is quite a bit of a hassle these days!!
I personally now use Lastpass, which according to the others on this thread is also popular here.
I am paying for the premium subscription, mainly because of its great integration with the Dolphin browser on Android, however I also use it with Yubikey.
Other alternatives are KeePass (open source and free) and Roboform. There are loads others but these are reckoned to be the best.
I personally now use Lastpass, which according to the others on this thread is also popular here.
I am paying for the premium subscription, mainly because of its great integration with the Dolphin browser on Android, however I also use it with Yubikey.
Other alternatives are KeePass (open source and free) and Roboform. There are loads others but these are reckoned to be the best.
Jan 10, 2011 | 9:38 am
#32
Join Date: Mar 2003
Location: Denver, CO USA
Programs: UA 1K, Marriott Platinum, Hilton Gold, Holiday Inn Platinum, peon on the rest
Posts: 677
I admit it, my ability to remember all my passwords is long gone. I have always resisted recording them all on a portable laptop for security reasons but now I am overwhelmed. Any successful practices or useful tips are appreciated especially by road warriors in the same boat.
1) there are BB and IPhone apps and they will sync
2) you can sync to multiple devices (such as laptops, etc)
3) does much more than just password (such as bank info, credit cards, etc)
4) Is password protected and encrypted
5) can be used to generate passwords as well as store them
I am NOT endorsing this product, just saying that it has worked well for me. YMMV
Jan 10, 2011 | 10:50 am
#33
Join Date: Sep 2007
Location: SNA, LAX
Posts: 425
I also use eWallet. I keep my (password protected) password file in a private space online, so I can access the password file from home or work and it always stays in sync. There's also an Android viewer that can be synced via USB.
Jan 10, 2011 | 10:54 am
#34
FlyerTalk Evangelist
Join Date: Aug 2002
Location: Department of Homeland Sincerity
Programs: WN Platinum, UA 1k, AA EP, Marriott Plat
Posts: 12,319
Keepass.info - I STRONGLY endorse Keepass (classic edition), open source, free, and multi-platform.
I have it on my Android phones as well as my computers. Best of all, Keepass is portable, so you don't have to install it. It can be backed up on a USB thumb drive.
Why would anyone use ANYTHING else other than Keepass (unless you're on a mac)??
Keepass is #1, the one I recommend and use. No need to look elsewhere. I even donated to Keepass (along with Truecrypt) because that's how useful the utility is to me.
I have it on my Android phones as well as my computers. Best of all, Keepass is portable, so you don't have to install it. It can be backed up on a USB thumb drive.
Why would anyone use ANYTHING else other than Keepass (unless you're on a mac)??
Keepass is #1, the one I recommend and use. No need to look elsewhere. I even donated to Keepass (along with Truecrypt) because that's how useful the utility is to me.
Jan 10, 2011 | 10:56 am
#35
FlyerTalk Evangelist
Join Date: Aug 2002
Location: Department of Homeland Sincerity
Programs: WN Platinum, UA 1k, AA EP, Marriott Plat
Posts: 12,319
I don't think so. Firefox and Chrome are open source and are in theory open to being vetted. Security vulnerabilities once found are rapidly addressed by the community. Can't know what is going on under the hood of these other systems, and for sure, any vulnerabilities aren't being checked out and announced to the world.
We are much, much safer with open source password "vaults".
We are much, much safer with open source password "vaults".
I don't like browser based passwords. Those can be potentially exploited by browser vulnerabilities, or just someone sitting in front of the PC and using the browser.
I use Keepass because it's authenticate once, use it for everything (even non password stuff like credit card info). I have it set to auto-lock after a certain time, or if the PC screen saver comes on.
Jan 10, 2011 | 11:01 am
#36
FlyerTalk Evangelist
Join Date: Aug 2002
Location: Department of Homeland Sincerity
Programs: WN Platinum, UA 1k, AA EP, Marriott Plat
Posts: 12,319
I don't want my mobile security apps to have network communication access - who knows if the app isn't leaking my private info to a server on the internet for hackers?
I much prefer Keepass and Keepass Droid (on Android) that are completely free, open source, and all your data is in your control.
Jan 10, 2011 | 11:05 am
#37
FlyerTalk Evangelist
Join Date: Aug 2002
Location: Department of Homeland Sincerity
Programs: WN Platinum, UA 1k, AA EP, Marriott Plat
Posts: 12,319
i keep mine abbr. in a notepad its fairly easy to do if you use a variation of word(s)/combos
ie.
password base is: flyertalk
American: FT1 (flyertalk1)
US: FT11 (flyertalk11)
UA: FT1- (flyertalk1-)
Delta: 11FT1 (11flytertalk1)
I have sites that require other chars and some that do not allow which is quite annoying. I have also used a number base so I could just use the # sign instead of the real number.
ie.
password base is: flyertalk
American: FT1 (flyertalk1)
US: FT11 (flyertalk11)
UA: FT1- (flyertalk1-)
Delta: 11FT1 (11flytertalk1)
I have sites that require other chars and some that do not allow which is quite annoying. I have also used a number base so I could just use the # sign instead of the real number.
To not use something like keepass these days is irresponsible, if you're dealing with very sensitive information online.
Jan 10, 2011 | 8:14 pm
#38
Join Date: Jul 2010
Posts: 4,096
I can recommend 1Password for OSX. It's a clean, easy to use, well integrated app that works seamlessly with Safari. The Dropbox syncing is great for set up and forget about it transferring of data to/from all devices (iPhone, iPad, Mac, PC).
Jan 11, 2011 | 9:51 am
#39
Join Date: Oct 2000
Location: The Villages, FL USA
Programs: AA PLT 2mm
Posts: 220
I use the premium version, for $12per year. It gives me access to a lastpass client for my Blackberry.
Otherwise, the free version works fine. (I also pay to support the developers, they do a great job )
Jerry
Otherwise, the free version works fine. (I also pay to support the developers, they do a great job )
Jerry
May 5, 2011 | 8:02 pm
#40
Join Date: Nov 2000
Location: Upcountry Maui, HI
Posts: 13,708
lastpass is having some problems apparently?
http://blog.lastpass.com/2011/05/las...ification.html
(security issues; master passwd change recommended; server overload; aftermath?)
http://bits.blogs.nytimes.com/2011/0...er=rss&emc=rss
http://blog.lastpass.com/2011/05/las...ification.html
(security issues; master passwd change recommended; server overload; aftermath?)
http://bits.blogs.nytimes.com/2011/0...er=rss&emc=rss
May 6, 2011 | 1:38 pm
#42
Join Date: Nov 2000
Location: Upcountry Maui, HI
Posts: 13,708
If I were using lastpass, I certainly would change my master password, however, their servers can't handle the load from all their users changing their master passwords at the same time. So you can't just change it and expect it to work everywhere until they resolve that problem. That's an even bigger problem if you ask me. And what started all this is a data transfer that they don't understand and couldn't explain?
Maybe (eventually) some good will come of this incident, but until it does ...
To each their own, I guess.
-David
May 6, 2011 | 2:31 pm
#43
Join Date: May 2002
Location: SAT
Posts: 371
Many ways to make your own secure password
and make it easy to remember
if you are at site X, let's say you were born on the 7th of may .... start at the numeral 7 and "go downhill" = 7ujm ... now go to where the 5 is but GO UPHILL WITH CAPLOCKS ON = BGT5....
thus your password for site X = 7ujmBGT5
simply do variants of the above ...
home address = 3345 .. so you use 4 and 5 = password 4rfvBGT5...
etc etc ad infinitum
if you cannot remember your birthdate, house number or last 4 of mobile phone number ... you should not be allowed to touch a keyboard.
if you are at site X, let's say you were born on the 7th of may .... start at the numeral 7 and "go downhill" = 7ujm ... now go to where the 5 is but GO UPHILL WITH CAPLOCKS ON = BGT5....
thus your password for site X = 7ujmBGT5
simply do variants of the above ...
home address = 3345 .. so you use 4 and 5 = password 4rfvBGT5...
etc etc ad infinitum
if you cannot remember your birthdate, house number or last 4 of mobile phone number ... you should not be allowed to touch a keyboard.
May 6, 2011 | 2:32 pm
#44
FlyerTalk Evangelist
Join Date: Sep 2000
Programs: BA, AA, DL, KLM, UA
Posts: 37,489
Using a longer non-dictionary word master password is good advice, but you aren't saying that lastpass users shouldn't be concerned about this, are you?
If I were using lastpass, I certainly would change my master password, however, their servers can't handle the load from all their users changing their master passwords at the same time. So you can't just change it and expect it to work everywhere until they resolve that problem. That's an even bigger problem if you ask me. And what started all this is a data transfer that they don't understand and couldn't explain?
Maybe (eventually) some good will come of this incident, but until it does ...
To each their own, I guess.
-David
If I were using lastpass, I certainly would change my master password, however, their servers can't handle the load from all their users changing their master passwords at the same time. So you can't just change it and expect it to work everywhere until they resolve that problem. That's an even bigger problem if you ask me. And what started all this is a data transfer that they don't understand and couldn't explain?
Maybe (eventually) some good will come of this incident, but until it does ...
To each their own, I guess.
-David
May 6, 2011 | 3:08 pm
#45
FlyerTalk Evangelist
Join Date: Aug 2002
Location: Department of Homeland Sincerity
Programs: WN Platinum, UA 1k, AA EP, Marriott Plat
Posts: 12,319
Exactly why I don't trust storing my passwords online. Why keepass is still the best solution for me.