Pages:
Author

Topic: Importance of Proper Password management (Read 348 times)

legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
August 30, 2024, 10:19:27 PM
#31
When it comes to password management it is better when you are your own password manager than relying on a password management that was designed by someone else.
If you are a programmer, coder, you can go for it by programming your own password manager. You can believe it is good because it is built up by yourself but in quality and security, no guarantee that your own-built password manager is actually good.

If you have to use a third-party password manager, it is not actually bad if you choose an open source one to use.

Quote
I think with this there is no privacy.
If it is open sourced, verified and got good reviews by community, it's good. And if you use it offline, it's another good practice.

Quote
It is very important that people needs to to take care of their password by themselves in a way that it will be safe and accessible all time.
Password managers are better than simple available tools so people use it and rank it is better choice. You are saying the opposite to the truth. Password managers are similar to Bitcoin wallet softwares. People need to filter many available ones, pick good one to use and have good practice at the end.
hero member
Activity: 1554
Merit: 880
pxzone.online
August 30, 2024, 08:37:29 PM
#30
Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.
Very true, those who take password management for granted often end up losing their passwords or someone else might get their passwords with black hat methods.

I believe passwords are more like ones assets and properties that one should look after, if someone avoids taking care of the passwords then that person will regret when someone stoles his/her passwords and use those to empty their accounts.
This is true, your assistant tool become your enemy if this happens. That's why it needs to regularly using it. While i don't usually use password manager since i always use a password with combination of site's name and numbers, with email categories so if i cant remember it i will just use forget password using the email i usually use dor such kind of websites.
hero member
Activity: 784
Merit: 672
Top Crypto Casino
August 30, 2024, 07:04:41 PM
#29
Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.
Very true, those who take password management for granted often end up losing their passwords or someone else might get their passwords with black hat methods.

I believe passwords are more like ones assets and properties that one should look after, if someone avoids taking care of the passwords then that person will regret when someone stoles his/her passwords and use those to empty their accounts.
legendary
Activity: 1708
Merit: 1280
Top Crypto Casino
August 29, 2024, 09:55:55 AM
#28
With these our browsers offering their password manager so you don't need to retype your password every time you will use it but of course make sure that your device will not be comprise as possible use a license software to prevent possible malware and keep updating your device too at the same time to prevent possible vulnerabilities. Personally I do always check the IP address of my BTT account so I make sure no one will access [1] just for additional safety of my account of course. AFAIK google before makes a check for the password vulnerabilities that they recommend you to update your password.

Code:
[1] https://bitcointalk.org/myips.php
hero member
Activity: 1050
Merit: 592
God is great
August 28, 2024, 06:05:36 PM
#27
I believe password management is one of the most important things for anyone who register accounts at various sites. I personally use different passwords on each platform only so I can be safe from data breaches.

I don't prefer any password manager to the ones who have a air gapped setup because they can literally save all their passwords as a text file and then save it on their air gapped system. It's that simple.
When it comes to password management it is better when you are your own password manager than relying on a password management that was designed by someone else. I think with this there is no privacy. It is very important that people needs to to take care of their password by themselves in a way that it will be safe and accessible all time. Though I haven't use any password manager app before to see how it works but I don't feel okay with this style of saving password.

Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.
sr. member
Activity: 308
Merit: 256
August 28, 2024, 01:49:53 PM
#26
Using different passwords, is a good thing and the best way to maximize the security of your passwords. What most people fail to understand that the human memory is due to mistakes and sometimes when we don't often make use of a particular term in this case passwords, it might mix the whole thing up. So we tend to forget. This is another reason why I don't advise brains wallets at all. We can't always rely on our memory as it sometimes fails. Using password managers is the best method to store your different passwords as well as increasing the security of your passwords.

I really agree with you on this, completely relying on our brain to store information that might be use frequently can be very problematic to remember, indeed a good proper password management can be very helpful since we can easily fall back to them at the time of need, storing off line in different locations should also be encouraged since we can not completely rely on our brain all the, and most times when the brain undergoes certain level of stress we are prone to forget something at the time we needed them the most. We shouldn't learn the hard rather we should learn from other people mistakes.
sr. member
Activity: 672
Merit: 416
stead.builders
August 27, 2024, 01:29:41 PM
#25
The management of password is what we should take with serious caution, its not by where or how the password is being store alone, but in what is used in storing them, many will think of the use of a password manager for storing their keys and passwords which is a complete wrong approach because they operate online and under a central authority, our password should be be only us can have access to without involving a third party in securing it.
newbie
Activity: 23
Merit: 0
August 27, 2024, 01:14:46 PM
#24
Password Managers

You should really consider adding Bitwarden to that list.

Thank you very much for the guides. I'll make a bookmark of it.
I'm sorry for asking questions that already have an answer, that was my mistake a s beginner.

You should also take a look at Bitwarden and the reviews.

Also you should bookmark https://ninjastic.space/search and https://search-beta.ninjastic.space/ for better search in this forum Wink
They have the potential to get you a lot of info, since a lot of beginner things were already asked in the past.

I have read that some people mentioned about ninjastic several times, but I kinda stuck with it and I'm still trying to figure how to use it effectively.

There are still a lot of things that I have to learn from this forum.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
August 27, 2024, 08:25:54 AM
#23
~snip~
What I'm saying is, like was said in the quoted section. It is good to use different password for different platforms for security purposes but we shouldn't rely on our brains alone but take proper record and a secured password manager can help with this (mind you is not the only method in keeping passwords).


I would not agree with the way you wrote it, because it seems to me like a very frivolous suggestion - the only correct thing would be to say that you should never use the same password anywhere, and I would also emphasize that you should always remember not to use any simple passwords or those that an attacker could "crack" if he has enough information about us. To clarify, if the attacker knows that you have children named Bob and Melinda, and if he knows their dates of birth, then he will definitely try to use a combination of those characters.



BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take only 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).
~snip~


I checked with one of the tools that test passwords, and to brute force such combinations would only take 7 months. If you add only one number to that combination, that time increases to 6 years, and with two numbers to 57 years. Of course, the time can vary depending on how many resources someone would invest in trying to brute force a password.
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
August 27, 2024, 06:15:42 AM
#22
BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take only 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).
Hive systems has its update on password security every year. This one is for 2024 update and you can bookmark it for future updates in coming years like 2025 and beyond it.

Quote
Just in case, long alphanumeric passwords with uppercase, lowercase and symbols is the way to go. And, as suggested by malwarebytes, enable 2FA when possible.
Set up a strong password is important and everyone should do it properly.

2FA is not a magical solution to secure your account if you don't know how to do it properly like your password. A bad practice of 2FA is don't back up the 2FA activation code (like don't back up your password), and install 2FA application on a same device on which you log in your email, your account. This practice will destroy your account and related fund, if that device is compromised or lost somehow.
legendary
Activity: 1050
Merit: 1100
August 27, 2024, 06:06:17 AM
#21
Experiences is quite an harsh teacher so is better you learn from others mistakes than yours.

Further recommendations would be appreciated. 


I saw your thread in Meta about forgetting your password. You went through a very rough time to recover your account. Using different passwords for all your accounts is ideal but remembering them all is also very important. Relying on our brains to store all our passwords is risky. The brain could malfunction due to health and other reasons. Alzheimer's disease, Parkinson's disease and ALS could cause brain loss. I have sometimes forgotten my password due to stress and anxiety. I am not very technologically inclined so I usually choose the simplest best option. I write down my important passwords and keep them in different locations just as I safely keep my wallet information. But I am open to new safer ways of keeping my information and I might implement some of the best options in this thread.     
legendary
Activity: 1932
Merit: 2354
The Alliance Of Bitcointalk Translators - ENG>SPA
August 27, 2024, 05:50:00 AM
#20
Two pictures are worth a thousand words:




Source: Malwarebytes on Twitter

BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take (edit: as long as) 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).

Just in case, long alphanumeric passwords with uppercase, lowercase and symbols is the way to go. And, as suggested by malwarebytes, enable 2FA when possible.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
August 26, 2024, 02:05:49 PM
#19
Password Managers

You should really consider adding Bitwarden to that list.

Thank you very much for the guides. I'll make a bookmark of it.
I'm sorry for asking questions that already have an answer, that was my mistake a s beginner.

You should also take a look at Bitwarden and the reviews.

Also you should bookmark https://ninjastic.space/search and https://search-beta.ninjastic.space/ for better search in this forum Wink
They have the potential to get you a lot of info, since a lot of beginner things were already asked in the past.
legendary
Activity: 2212
Merit: 7064
August 26, 2024, 01:40:17 PM
#18
Anything is better than using one password for all accounts and websites... and you would be surprised how many people are doing that all the time  Tongue
KeePass is a great open source choice for password manager, it can even be used to temporary save TOTP codes for 2FA, and it's not storing anything in other people computers aka cloud.
Just don't use KeePass or any other password managers for storing important bitcoin seed words, and use strong password.
hero member
Activity: 2282
Merit: 589
August 26, 2024, 12:47:32 PM
#17
I could remember you were inactive for some time. And i wondered what may have been the issue. However, welcome back to the forum.

Honestly, this has been a very concerning problem these days. I lost my phone recently and i could access my Gmail because i could not remember some passwords it was so painful because i though everything was cool not until I couldn't sign in at all. Up till these day i still regret why i didn't store my password physically or write it down.
You can still recover your email with the authentication code sent by your phone number or you can recover your email by sending a notification to your recovery email, unless your email is registered with an inactive phone number and there is no recovery email then you have no way to recover your email, I usually save my password data on my hard drive and I remember the password for my main email access so if I lose my phone then I can log in to my email with the password or recover to my recovery email.

I am not sure about using an application tool to save any account access, I prefer to save my password on my hard drive which is much safer than using a tool, but everyone has their own perspective to secure account data.
newbie
Activity: 23
Merit: 0
August 26, 2024, 04:56:48 AM
#16
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
August 26, 2024, 04:51:03 AM
#15
The secret question has been disabled for a long time, and anyone who wants to restore an account through it will be blocked.
It was disabled a long time ago since 2015 and it is an unofficial lock button. Ratimov used it to exit the forum.
PSA: ACCOUNTS WILL BE LOCKED IF THE SECRET QUESTION IS USED TO RECOVER IT

Just check out Ratimov BPIP profile, he obviously locked his account with via secret question trigger on December 29.
For someone who is allegedly died account he knows very well how forum is working, and he looks very much alive.
Anyway, it's finally time to stop talking about him.


https://bpip.org/Profile?id=2627711
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
August 26, 2024, 04:45:29 AM
#14
I was adviced by a reputable member of the forum on managing my passwords and was even recommended a password manager which I'm currently using.

Further recommendations would be appreciated. 

Not all password manager have equal security or convenience. For example,
1. Password manager application on your device (such as KeePass) require you to make sure your device is secure.
2. Few online/cloud-based password manager have bad history. For example, LastPass got hacked few times.

You also should consider using random password generator, which usually included by the password manager.
legendary
Activity: 2604
Merit: 2353
August 26, 2024, 04:26:48 AM
#13
No, I don't think this option has been disabled, otherwise it wouldn't appear anymore in the Account Related Settings menu. Besides that, you are right, your account will be locked if you use this option to recover the access of your account after forgetting your password. But you can unlock it by just showing a signed message from any address you've published in a post on the forum.

https://bitcointalksearch.org/topic/resetting-password-with-secret-question-will-still-lock-account-5438111
https://bitcointalksearch.org/topic/recovering-hackedlost-accounts-5089777
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
August 26, 2024, 03:51:23 AM
#12

So for you that have a short time memory to save things, all you need to do is have similar codes on your own that you will hardly forget and save some of the app so that you can have some privacy and not be fully dependent on apps that can run all you have worked for.

Wrong. Didn't you read the topic suggested by tranthidung in this topic? Anything you can remember is always subject to hacking. Passwords should be long, not have any semantic load, and include various symbols. This is done so that it is difficult for those who brute force (guess) passwords to hack.


But if you can't do that (or don't want to) you can use a convenient feature for Bitcointalk preventing to forget your BTT password : the Secret Question option.
You can find it in the Account Related Settings section of your Profile.


You are talking nonsense now. The secret question has been disabled for a long time, and anyone who wants to restore an account through it will be blocked.
Pages:
Jump to: