Importance of Proper Password management

hd49728

legendary

Activity: 2044

Merit: 1018

Not your keys, not your coins!

Quote from: Rockstarguy on August 28, 2024, 06:05:36 PM

When it comes to password management it is better when you are your own password manager than relying on a password management that was designed by someone else.

If you are a programmer, coder, you can go for it by programming your own password manager. You can believe it is good because it is built up by yourself but in quality and security, no guarantee that your own-built password manager is actually good.

If you have to use a third-party password manager, it is not actually bad if you choose an open source one to use.

Quote

I think with this there is no privacy.

If it is open sourced, verified and got good reviews by community, it's good. And if you use it offline, it's another good practice.

Quote

It is very important that people needs to to take care of their password by themselves in a way that it will be safe and accessible all time.

Password managers are better than simple available tools so people use it and rank it is better choice. You are saying the opposite to the truth. Password managers are similar to Bitcoin wallet softwares. People need to filter many available ones, pick good one to use and have good practice at the end.

PX-Z

hero member

Activity: 1554

Merit: 880

pxzone.online

Quote from: SamReomo on August 30, 2024, 07:04:41 PM

Quote from: Rockstarguy on August 28, 2024, 06:05:36 PM

Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.

Very true, those who take password management for granted often end up losing their passwords or someone else might get their passwords with black hat methods.

I believe passwords are more like ones assets and properties that one should look after, if someone avoids taking care of the passwords then that person will regret when someone stoles his/her passwords and use those to empty their accounts.

This is true, your assistant tool become your enemy if this happens. That's why it needs to regularly using it. While i don't usually use password manager since i always use a password with combination of site's name and numbers, with email categories so if i cant remember it i will just use forget password using the email i usually use dor such kind of websites.

SamReomo

hero member

Activity: 784

Merit: 672

Top Crypto Casino

Quote from: Rockstarguy on August 28, 2024, 06:05:36 PM

Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.

Very true, those who take password management for granted often end up losing their passwords or someone else might get their passwords with black hat methods.

I believe passwords are more like ones assets and properties that one should look after, if someone avoids taking care of the passwords then that person will regret when someone stoles his/her passwords and use those to empty their accounts.

Peanutswar

legendary

Activity: 1708

Merit: 1280

Top Crypto Casino

With these our browsers offering their password manager so you don't need to retype your password every time you will use it but of course make sure that your device will not be comprise as possible use a license software to prevent possible malware and keep updating your device too at the same time to prevent possible vulnerabilities. Personally I do always check the IP address of my BTT account so I make sure no one will access ^[1] just for additional safety of my account of course. AFAIK google before makes a check for the password vulnerabilities that they recommend you to update your password.

Code:

[1] https://bitcointalk.org/myips.php

Rockstarguy

hero member

Activity: 1050

Merit: 592

God is great

Quote from: SamReomo on August 25, 2024, 02:26:19 PM

I believe password management is one of the most important things for anyone who register accounts at various sites. I personally use different passwords on each platform only so I can be safe from data breaches.

I don't prefer any password manager to the ones who have a air gapped setup because they can literally save all their passwords as a text file and then save it on their air gapped system. It's that simple.

When it comes to password management it is better when you are your own password manager than relying on a password management that was designed by someone else. I think with this there is no privacy. It is very important that people needs to to take care of their password by themselves in a way that it will be safe and accessible all time. Though I haven't use any password manager app before to see how it works but I don't feel okay with this style of saving password.

Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.

Tmoonz

sr. member

Activity: 308

Merit: 256

Quote from: Hatchy on August 25, 2024, 11:24:44 AM

Using different passwords, is a good thing and the best way to maximize the security of your passwords. What most people fail to understand that the human memory is due to mistakes and sometimes when we don't often make use of a particular term in this case passwords, it might mix the whole thing up. So we tend to forget. This is another reason why I don't advise brains wallets at all. We can't always rely on our memory as it sometimes fails. Using password managers is the best method to store your different passwords as well as increasing the security of your passwords.

I really agree with you on this, completely relying on our brain to store information that might be use frequently can be very problematic to remember, indeed a good proper password management can be very helpful since we can easily fall back to them at the time of need, storing off line in different locations should also be encouraged since we can not completely rely on our brain all the, and most times when the brain undergoes certain level of stress we are prone to forget something at the time we needed them the most. We shouldn't learn the hard rather we should learn from other people mistakes.

Aanuoluwatofunmi

sr. member

Activity: 672

Merit: 416

stead.builders

The management of password is what we should take with serious caution, its not by where or how the password is being store alone, but in what is used in storing them, many will think of the use of a password manager for storing their keys and passwords which is a complete wrong approach because they operate online and under a central authority, our password should be be only us can have access to without involving a third party in securing it.

Kamustapo

newbie

Activity: 23

Merit: 0

Quote from: NeuroticFish on August 26, 2024, 02:05:49 PM

Quote from: tranthidung on June 19, 2024, 04:16:00 AM

Password Managers

You should really consider adding Bitwarden to that list.

Quote from: Kamustapo on August 26, 2024, 04:56:48 AM

Thank you very much for the guides. I'll make a bookmark of it.
I'm sorry for asking questions that already have an answer, that was my mistake a s beginner.

You should also take a look at Bitwarden and the reviews.

Also you should bookmark https://ninjastic.space/search and https://search-beta.ninjastic.space/ for better search in this forum Wink

They have the potential to get you a lot of info, since a lot of beginner things were already asked in the past.

I have read that some people mentioned about ninjastic several times, but I kinda stuck with it and I'm still trying to figure how to use it effectively.

There are still a lot of things that I have to learn from this forum.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: Ambatman on August 25, 2024, 10:21:08 AM

~snip~
What I'm saying is, like was said in the quoted section. It is good to use different password for different platforms for security purposes but we shouldn't rely on our brains alone but take proper record and a secured password manager can help with this (mind you is not the only method in keeping passwords).

I would not agree with the way you wrote it, because it seems to me like a very frivolous suggestion - the only correct thing would be to say that you should never use the same password anywhere, and I would also emphasize that you should always remember not to use any simple passwords or those that an attacker could "crack" if he has enough information about us. To clarify, if the attacker knows that you have children named Bob and Melinda, and if he knows their dates of birth, then he will definitely try to use a combination of those characters.

Quote from: Porfirii on August 27, 2024, 05:50:00 AM

BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take only 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).
~snip~

I checked with one of the tools that test passwords, and to brute force such combinations would only take 7 months. If you add only one number to that combination, that time increases to 6 years, and with two numbers to 57 years. Of course, the time can vary depending on how many resources someone would invest in trying to brute force a password.

hd49728

legendary

Activity: 2044

Merit: 1018

Not your keys, not your coins!

Quote from: Porfirii on August 27, 2024, 05:50:00 AM

BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take only 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).

Hive systems has its update on password security every year. This one is for 2024 update and you can bookmark it for future updates in coming years like 2025 and beyond it.

Quote

Just in case, long alphanumeric passwords with uppercase, lowercase and symbols is the way to go. And, as suggested by malwarebytes, enable 2FA when possible.

Set up a strong password is important and everyone should do it properly.

2FA is not a magical solution to secure your account if you don't know how to do it properly like your password. A bad practice of 2FA is don't back up the 2FA activation code (like don't back up your password), and install 2FA application on a same device on which you log in your email, your account. This practice will destroy your account and related fund, if that device is compromised or lost somehow.

Zlantann

legendary

Activity: 1050

Merit: 1100

Quote from: Ambatman on August 25, 2024, 10:21:08 AM

Experiences is quite an harsh teacher so is better you learn from others mistakes than yours.

Further recommendations would be appreciated.

I saw your thread in Meta about forgetting your password. You went through a very rough time to recover your account. Using different passwords for all your accounts is ideal but remembering them all is also very important. Relying on our brains to store all our passwords is risky. The brain could malfunction due to health and other reasons. Alzheimer's disease, Parkinson's disease and ALS could cause brain loss. I have sometimes forgotten my password due to stress and anxiety. I am not very technologically inclined so I usually choose the simplest best option. I write down my important passwords and keep them in different locations just as I safely keep my wallet information. But I am open to new safer ways of keeping my information and I might implement some of the best options in this thread.

Porfirii

legendary

Activity: 1932

Merit: 2354

The Alliance Of Bitcointalk Translators - ENG>SPA

Two pictures are worth a thousand words:

Source: Malwarebytes on Twitter

BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take (edit: as long as) 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).

Just in case, long alphanumeric passwords with uppercase, lowercase and symbols is the way to go. And, as suggested by malwarebytes, enable 2FA when possible.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: tranthidung on June 19, 2024, 04:16:00 AM

Password Managers

You should really consider adding Bitwarden to that list.

Quote from: Kamustapo on August 26, 2024, 04:56:48 AM

Thank you very much for the guides. I'll make a bookmark of it.
I'm sorry for asking questions that already have an answer, that was my mistake a s beginner.

You should also take a look at Bitwarden and the reviews.

Also you should bookmark https://ninjastic.space/search and https://search-beta.ninjastic.space/ for better search in this forum Wink

They have the potential to get you a lot of info, since a lot of beginner things were already asked in the past.

dkbit98

legendary

Activity: 2212

Merit: 7064

Anything is better than using one password for all accounts and websites... and you would be surprised how many people are doing that all the time Tongue

KeePass is a great open source choice for password manager, it can even be used to temporary save TOTP codes for 2FA, and it's not storing anything in other people computers aka cloud.
Just don't use KeePass or any other password managers for storing important bitcoin seed words, and use strong password.

erep

hero member

Activity: 2282

Merit: 589

Quote from: Troytech on August 25, 2024, 03:31:09 PM

I could remember you were inactive for some time. And i wondered what may have been the issue. However, welcome back to the forum.

Honestly, this has been a very concerning problem these days. I lost my phone recently and i could access my Gmail because i could not remember some passwords it was so painful because i though everything was cool not until I couldn't sign in at all. Up till these day i still regret why i didn't store my password physically or write it down.

You can still recover your email with the authentication code sent by your phone number or you can recover your email by sending a notification to your recovery email, unless your email is registered with an inactive phone number and there is no recovery email then you have no way to recover your email, I usually save my password data on my hard drive and I remember the password for my main email access so if I lose my phone then I can log in to my email with the password or recover to my recovery email.

I am not sure about using an application tool to save any account access, I prefer to save my password on my hard drive which is much safer than using a tool, but everyone has their own perspective to secure account data.

Kamustapo

newbie

Activity: 23

Merit: 0

hd49728

legendary

Activity: 2044

Merit: 1018

Not your keys, not your coins!

Quote from: lovesmayfamilis on August 26, 2024, 03:51:23 AM

The secret question has been disabled for a long time, and anyone who wants to restore an account through it will be blocked.

It was disabled a long time ago since 2015 and it is an unofficial lock button. Ratimov used it to exit the forum.
PSA: ACCOUNTS WILL BE LOCKED IF THE SECRET QUESTION IS USED TO RECOVER IT

Quote from: dkbit98 on January 01, 2024, 05:18:46 PM

Just check out Ratimov BPIP profile, he obviously locked his account with via secret question trigger on December 29.
For someone who is allegedly died account he knows very well how forum is working, and he looks very much alive.
Anyway, it's finally time to stop talking about him.

https://bpip.org/Profile?id=2627711

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: Ambatman on August 25, 2024, 10:21:08 AM

I was adviced by a reputable member of the forum on managing my passwords and was even recommended a password manager which I'm currently using.

Quote from: Ambatman on August 25, 2024, 10:21:08 AM

Further recommendations would be appreciated.

Not all password manager have equal security or convenience. For example,
1. Password manager application on your device (such as KeePass) require you to make sure your device is secure.
2. Few online/cloud-based password manager have bad history. For example, LastPass got hacked few times.

You also should consider using random password generator, which usually included by the password manager.

Saint-loup

legendary

Activity: 2604

Merit: 2353

No, I don't think this option has been disabled, otherwise it wouldn't appear anymore in the Account Related Settings menu. Besides that, you are right, your account will be locked if you use this option to recover the access of your account after forgetting your password. But you can unlock it by just showing a signed message from any address you've published in a post on the forum.

https://bitcointalksearch.org/topic/resetting-password-with-secret-question-will-still-lock-account-5438111
https://bitcointalksearch.org/topic/recovering-hackedlost-accounts-5089777

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

Quote from: Egii Nna on August 25, 2024, 04:00:44 PM

So for you that have a short time memory to save things, all you need to do is have similar codes on your own that you will hardly forget and save some of the app so that you can have some privacy and not be fully dependent on apps that can run all you have worked for.

Wrong. Didn't you read the topic suggested by tranthidung in this topic? Anything you can remember is always subject to hacking. Passwords should be long, not have any semantic load, and include various symbols. This is done so that it is difficult for those who brute force (guess) passwords to hack.

Quote from: Saint-loup on August 25, 2024, 12:17:21 PM

But if you can't do that (or don't want to) you can use a convenient feature for Bitcointalk preventing to forget your BTT password : the Secret Question option.
You can find it in the Account Related Settings section of your Profile.

You are talking nonsense now. The secret question has been disabled for a long time, and anyone who wants to restore an account through it will be blocked.

Egii Nna

full member

Activity: 448

Merit: 202

Quote from: Kamustapo on August 25, 2024, 10:31:00 AM

Is there any tools or apps that could help us to manage and change passwords of various accounts that we have?

For someone who have short time memory like me, it's quite pain in the ass every time I try to login to a platform and I have to ask the email for passwords recovery because I keep forgetting the password.

Yea, you have a point, but when managing your password, you have to do that with caution. Not all passwords are saved in an app, although apart from apps, some browsers also save passwords, but that is based on your own permission because if you don’t approve it to save, it won’t save. But the main concern is the risk you are in when saving all your valuable passwords in an app because if someone has access to your device, that means all your information will be linked out.

So for you that have a short time memory to save things, all you need to do is have similar codes on your own that you will hardly forget and save some of the app so that you can have some privacy and not be fully dependent on apps that can run all you have worked for.

nakamura12

hero member

Activity: 2268

Merit: 669

Bitcoin Casino Est. 2013

Password management tools or apps won't exist if it doesn't help secure an account. That's why it is really important that a person should always take it to mind that the importance of proper password management would surely help someone make their account more secured and safe rather than doing nothing at all. Generating password may help but it would be useless if you forgot it hence that's where the tool comes in if you haven't memorized it yet. Having same password wouldn't be a good choice because if your private data is compromised then there's a possibility that your other account may get accessed by someone.

Troytech

sr. member

Activity: 98

Merit: 55

R7 for Campaign management

I could remember you were inactive for some time. And i wondered what may have been the issue. However, welcome back to the forum.

Honestly, this has been a very concerning problem these days. I lost my phone recently and i could access my Gmail because i could not remember some passwords it was so painful because i though everything was cool not until I couldn't sign in at all. Up till these day i still regret why i didn't store my password physically or write it down.

SamReomo

hero member

Activity: 784

Merit: 672

Top Crypto Casino

I believe password management is one of the most important things for anyone who register accounts at various sites. I personally use different passwords on each platform only so I can be safe from data breaches.

I don't prefer any password manager to the ones who have a air gapped setup because they can literally save all their passwords as a text file and then save it on their air gapped system. It's that simple.

Mia Chloe

sr. member

Activity: 448

Merit: 560

Crypto Casino and Sportsbook

Quote from: Hatchy on August 25, 2024, 11:24:44 AM

Using different passwords, is a good thing and the best way to maximize the security of your passwords. What most people fail to understand that the human memory is due to mistakes and sometimes when we don't often make use of a particular term in this case passwords, it might mix the whole thing up. So we tend to forget. This is another reason why I don't advise brains wallets at all. We can't always rely on our memory as it sometimes fails. Using password managers is the best method to store your different passwords as well as increasing the security of your passwords.

Yeah managing passwords can be difficult sometimes. Passwords are used in almost everything that concerns funds or any stuff like apps that carry private information. Sometimes people find it difficult to secure their passwords because of the fact that they can easily hit generate passwords on their chrome browser when the login to website and web apps and then Google automatically saves the passwords for them.

However the truth is it seems to be safe and easy but it's a hell lot of risk as if your Google should be compromised you literally put all your accounts without 2FA at risk.
Well I'm not surprised that the Blockchain isn't based on passwords rather it uses seed phrases, because if not wallet hacking and brute forcing would be the order of the day.

Saint-loup

legendary

Activity: 2604

Merit: 2353

I agree with you, it's better to use password-managers allowing you to generate different secured passwords for every websites you use, you can safely use the one from your browser(Google Chrome for example) for websites using 2FA or for not critical ones.
But if you can't do that (or don't want to) you can use a convenient feature for Bitcointalk preventing to forget your BTT password : the Secret Question option.
You can find it in the Account Related Settings section of your Profile.

Hatchy

sr. member

Activity: 336

Merit: 365

The Alliance Of Bitcointalk Translators - ENG>PID

Using different passwords, is a good thing and the best way to maximize the security of your passwords. What most people fail to understand that the human memory is due to mistakes and sometimes when we don't often make use of a particular term in this case passwords, it might mix the whole thing up. So we tend to forget. This is another reason why I don't advise brains wallets at all. We can't always rely on our memory as it sometimes fails. Using password managers is the best method to store your different passwords as well as increasing the security of your passwords.

tranthidung

legendary

Activity: 2310

Merit: 4085

Farewell o_e_l_e_o

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

Quote from: Kamustapo on August 25, 2024, 10:31:00 AM

Is there any tools or apps that could help us to manage and change passwords of various accounts that we have?

For someone who have short time memory like me, it's quite pain in the ass every time I try to login to a platform and I have to ask the email for passwords recovery because I keep forgetting the password.

I think it will be enough to read the advice from this post

Quote from: ?? on ??

You certainly missed the point that after registering an account, you need to carefully store your data so that there are no incidents, like the one that happened recently, when a person simply forgot their password.

Likewise, do not save your passwords in the browser, since all your cookies can be decrypted, and others can get the password for the forum.

The common advice for account security is using a strong password which is misunderstood by many people. Being unique is the first important specification of a strong password. Because if you use one password on many platforms for multiple accounts, no matter how strong that password is in length and character combination, it breaks basic rule for password setup.

If one platform is compromised, you will have risk of losing all of your accounts that have only one password.

[GUIDE] How to Create a Strong/Secure Password
Use Password managers.

Quote from: ?? on ??

And to save passwords, use password managers with an open source code (for example, KeePass, Bitwarden). Or just save them in a blanket encrypted document.

Links to some password manager softwares are above.

Kamustapo

newbie

Activity: 23

Merit: 0

Is there any tools or apps that could help us to manage and change passwords of various accounts that we have?

For someone who have short time memory like me, it's quite pain in the ass every time I try to login to a platform and I have to ask the email for passwords recovery because I keep forgetting the password.

Ambatman

sr. member

Activity: 420

Merit: 315

Top Crypto Casino

Topic: Importance of Proper Password management (Read 346 times)