Go Back  FlyerTalk Forums > Travel&Dining > Travel Technology
Reload this Page >

help me find a great password manager

help me find a great password manager

Old Feb 3, 2013, 7:27 pm
  #46  
FlyerTalk Evangelist
 
Join Date: Nov 2002
Location: ORD
Posts: 14,302
Originally Posted by quick_dry
+1 for 1Password - though it is a bit pricey I use it across all my Windows PC's, Mac and iDevices. I also installed the browser add-on for chrome/firefox which works really well.

I sync it all via dropbox
LastPass syncs itself. No need to install two programs.
gfunkdave is offline  
Old Feb 4, 2013, 8:08 pm
  #47  
 
Join Date: Nov 2011
Location: SYD
Programs: VA WP, UA 1k, QR G, AZ WP
Posts: 358
Originally Posted by gfunkdave
LastPass syncs itself. No need to install two programs.
I use dropbox for many other things so its already on all my machines.
quick_dry is offline  
Old Feb 5, 2013, 1:31 am
  #48  
par
 
Join Date: Oct 2005
Programs: UA 2K GS, SQ PPS, AA Ruby, NW Gold, Hertz Gold, Hyatt Gold, Starwood Gold, Marriott Gold
Posts: 618
i love lastpass. works great and android as well, i have it integrated with dolphin (an android based browser).
par is offline  
Old Feb 6, 2013, 6:36 pm
  #49  
FlyerTalk Evangelist
 
Join Date: Dec 2002
Location: Danville, CA, USA;
Programs: UA 1MM, AS MVP, WN CP, Marriott LT Plat, Hilton Gold, IC Plat
Posts: 15,994
Originally Posted by aster
What's wrong with keeping everything in a small Excel file and cutting and pasting as needed? I realise this would be a pain on a phone/pad, but for desktop use it seems sufficient.
More theft occurs by lowtech means (stolen laptop, etc.) than hightech. I know someone who had her identity stolen with her laptop, and lost the backup as well when the thief took that drive which was next to the laptop (makes me feel better about hiding mine as well as keeping a remote copy). Lists meet the ease of use test but they fail the security test.
**

So I have a new problem. What happens if someone steals your password for 1password? If that occurs, any perp would have the keys to your entire kingdom as the program does not mask your passwords after you login. This is particularly of concern with mobile devices.

My current solution is to use code words for all my passwords. For example, "dog" might refer to my pets name spelled backwards with some digits in the middle or before/after it. So somebody who gets my list will have the account names but the passwords will be fairly meaningless.

I guess I could do the same thing with 1Password, but this will defeat the handy "autofill" feature for browsers (though I think that is not that useful to me anyway as it the most critical passwords are used in iPhone programs rather than browser windows.

Which brings me to another question: how to share this info with your spouse or s.o.? I suspect she will write down the password, or worse make an iphone note. And still a problem if I use the code words...
Boraxo is offline  
Old Feb 7, 2013, 7:21 am
  #50  
FlyerTalk Evangelist
 
Join Date: Nov 2002
Location: ORD
Posts: 14,302
Originally Posted by Boraxo

So I have a new problem. What happens if someone steals your password for 1password? If that occurs, any perp would have the keys to your entire kingdom as the program does not mask your passwords after you login. This is particularly of concern with mobile devices.


Which brings me to another question: how to share this info with your spouse or s.o.? I suspect she will write down the password, or worse make an iphone note. And still a problem if I use the code words...
Presumably you don't write your password on a 3x5 notecard taped to the bottom of your laptop. How else would someone get your master password? Telepathy? Use a strong password, don't write it down, and move on with life.

LastPass lets you share logins with other people, even without giving them the password in question.
gfunkdave is offline  
Old Feb 8, 2013, 2:43 pm
  #51  
 
Join Date: Oct 2008
Location: Port Moody, BC
Posts: 484
My master password is 26 characters long...this can be an issue when typing it on my iPhone due to fat fingers, but I'd rather risk the occasional screwup and subsequent retyping than make it easy for someone to access my passwords.
FXWizard is offline  
Old Mar 2, 2013, 12:18 am
  #52  
FlyerTalk Evangelist
 
Join Date: Jan 2006
Posts: 11,439
I assume there is a way to reset a forgotten master password on 1Password?
planemechanic is offline  
Old Mar 2, 2013, 5:36 am
  #53  
 
 
Join Date: Nov 2000
Location: Upcountry Maui, HI
Posts: 13,371
Originally Posted by planemechanic
I assume there is a way to reset a forgotten master password on 1Password?
assume? ... you know what they say.

http://help.agilebits.com/1Password3..._password.html

what kind of security would it have if it just allowed you to reset a forgotten master password?

-David
LIH Prem is offline  
Old Mar 4, 2013, 2:17 pm
  #54  
 
Join Date: Feb 2013
Location: NYC
Programs: AA Gold, US Silver, Starwood Gold, Starbucks Gold
Posts: 336
Just went through this exercise last week, and settled on Dashlane. Tried a bunch of the others (1Password, KeePass, Safe-in-Cloud, mSecure) and thought Dashlane did the best job on Windows, Google Chrome (browser extension), and Android. Dashlane does a great job of auto-logging you in on websites, and having the credit cards stored (assuming you can get comfortable with the security) is a huge time saver. I've been emailing their customer support over the past few days offering suggestions, and they're pretty responsive and seem to be actively developing the software. I don't like some of the other features they have (saving online receipts? accumulating points for doing things, making it social), but as a password manager, it rocks. In addition, I think they have the best style on Android, which bugged me about Keepass (I know, I know, vanity).

Not a shill, but a big fan of the product.
midnightinharlem is offline  
Old Mar 4, 2013, 6:38 pm
  #55  
FlyerTalk Evangelist
 
Join Date: Dec 2002
Location: Danville, CA, USA;
Programs: UA 1MM, AS MVP, WN CP, Marriott LT Plat, Hilton Gold, IC Plat
Posts: 15,994
Originally Posted by gfunkdave
Presumably you don't write your password on a 3x5 notecard taped to the bottom of your laptop. How else would someone get your master password? Telepathy? Use a strong password, don't write it down, and move on with life.
Because I am certain Mrs. B will write it down. In fact, I've already forgotten it (taking your advice I selected a new strong password that I haven't used before).

The other concern is where it is stored - locally or on a server. From the reviews I've read, 1Password does not have a "backdoor" so that should eliminate concerns about local storage, i.e. if your laptop or iphone is stolen. So then just the question about whether your data is stored remotely and can be hacked. See, for example, Evernote's password reset.
Boraxo is offline  
Old Mar 5, 2013, 7:22 am
  #56  
FlyerTalk Evangelist
 
Join Date: Nov 2002
Location: ORD
Posts: 14,302
Originally Posted by Boraxo
Because I am certain Mrs. B will write it down. In fact, I've already forgotten it (taking your advice I selected a new strong password that I haven't used before).

The other concern is where it is stored - locally or on a server. From the reviews I've read, 1Password does not have a "backdoor" so that should eliminate concerns about local storage, i.e. if your laptop or iphone is stolen. So then just the question about whether your data is stored remotely and can be hacked. See, for example, Evernote's password reset.
Perhaps it would be a good idea to remember your own password. It's only one password that you have to remember!

LastPass stores everything locally and on LastPass's server. It encrypts everything locally and sends the encrypted file of passwords to the server.

Why do you assume data stored locally can't be "hacked" but the same data stored remotely can? Nobody decrypted Evernote's customers' information. They stole encrypted password files and will have to devote a lot of very expensive computing time to cracking it - if they even can.
gfunkdave is offline  
Old Mar 5, 2013, 12:39 pm
  #57  
 
Join Date: Jul 2006
Location: North Dallas
Programs: AA Executive Platinum
Posts: 494
here's another vote for lastpass. I use it on my ipad/iphone, macbook, imac and office computer.

I have a very difficult master password and then tons of passwords inside there.

I use the autogenerate password feature often, especially for website's that I'm concerned about...
guy999 is offline  
Old Mar 5, 2013, 1:11 pm
  #58  
FlyerTalk Evangelist
 
Join Date: Dec 2002
Location: Danville, CA, USA;
Programs: UA 1MM, AS MVP, WN CP, Marriott LT Plat, Hilton Gold, IC Plat
Posts: 15,994
Originally Posted by gfunkdave
Why do you assume data stored locally can't be "hacked" but the same data stored remotely can? Nobody decrypted Evernote's customers' information. They stole encrypted password files and will have to devote a lot of very expensive computing time to cracking it - if they even can.
Would not agree with that assumption. However my greater concern is with remote info storage, i.e. cloud, servers, dropbox, etc. as there are active efforts to hack, as we've seen recently with Evernote.

That being said the more probable scenario is low tech theft, or in this case, theft of a laptop or more likely, an iphone or ipad that has local storage or perhaps automatic login to a website where info is stored. I have reasonable confidence in 1Password based on the reviews I read. The only weak spot I see is the password "hint" as there is no reset mechanism unless you are logged in.

Undoubtably any of these programs are better than my prior solution of storing account names and password hints on evernote (and staying logged in on my iPhone )
Boraxo is offline  
Old Mar 5, 2013, 5:02 pm
  #59  
 
Join Date: Nov 2011
Location: SYD
Programs: VA WP, UA 1k, QR G, AZ WP
Posts: 358
Originally Posted by Boraxo
I have reasonable confidence in 1Password based on the reviews I read. The only weak spot I see is the password "hint" as there is no reset mechanism unless you are logged in.
by 'reset', do you mean to change the hint remotely or to block access to the data on another computer if you're away from it?

If you're synchronising all your computers up via dropbox, then assuming the computer is still online, you could do the ultimate reset and delete/move the data files in dropbox on one computer - it will then update the remote computer to delete/move the 1P data files. (not perfect, but workable). Updating the master password on one connected computer would also update it on the others. (I use 1P via dropbox on my phone,tablet,work PC and 2 laptops)
quick_dry is offline  
Old Oct 27, 2013, 2:02 pm
  #60  
 
Join Date: Jul 2004
Programs: CO, UA, AA, WN, DL Gold
Posts: 2,981
like it

Originally Posted by gfunkdave
LastPass does everything you want, except it saves the passwords to lastpass.com.

LastPass encrypts everything on your local computer before sending it to lastpass.com, so they never see your passwords. It also never sends your master account password to them (they just store a hash of the password), so only you ever know your password.
I just started using it and it works well mostly. Delta.com seems like it doesn't want to work with it.
thebat is offline  

Thread Tools
Search this Thread

Contact Us - Manage Preferences Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.