Author

Topic: Importance of Proper Password management (Read 360 times)

legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
August 30, 2024, 10:19:27 PM
#31
When it comes to password management it is better when you are your own password manager than relying on a password management that was designed by someone else.
If you are a programmer, coder, you can go for it by programming your own password manager. You can believe it is good because it is built up by yourself but in quality and security, no guarantee that your own-built password manager is actually good.

If you have to use a third-party password manager, it is not actually bad if you choose an open source one to use.

Quote
I think with this there is no privacy.
If it is open sourced, verified and got good reviews by community, it's good. And if you use it offline, it's another good practice.

Quote
It is very important that people needs to to take care of their password by themselves in a way that it will be safe and accessible all time.
Password managers are better than simple available tools so people use it and rank it is better choice. You are saying the opposite to the truth. Password managers are similar to Bitcoin wallet softwares. People need to filter many available ones, pick good one to use and have good practice at the end.
hero member
Activity: 1554
Merit: 880
Notify wallet transaction @txnNotifierBot
August 30, 2024, 08:37:29 PM
#30
Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.
Very true, those who take password management for granted often end up losing their passwords or someone else might get their passwords with black hat methods.

I believe passwords are more like ones assets and properties that one should look after, if someone avoids taking care of the passwords then that person will regret when someone stoles his/her passwords and use those to empty their accounts.
This is true, your assistant tool become your enemy if this happens. That's why it needs to regularly using it. While i don't usually use password manager since i always use a password with combination of site's name and numbers, with email categories so if i cant remember it i will just use forget password using the email i usually use dor such kind of websites.
hero member
Activity: 784
Merit: 672
Top Crypto Casino
August 30, 2024, 07:04:41 PM
#29
Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.
Very true, those who take password management for granted often end up losing their passwords or someone else might get their passwords with black hat methods.

I believe passwords are more like ones assets and properties that one should look after, if someone avoids taking care of the passwords then that person will regret when someone stoles his/her passwords and use those to empty their accounts.
legendary
Activity: 1750
Merit: 1329
Top Crypto Casino
August 29, 2024, 09:55:55 AM
#28
With these our browsers offering their password manager so you don't need to retype your password every time you will use it but of course make sure that your device will not be comprise as possible use a license software to prevent possible malware and keep updating your device too at the same time to prevent possible vulnerabilities. Personally I do always check the IP address of my BTT account so I make sure no one will access [1] just for additional safety of my account of course. AFAIK google before makes a check for the password vulnerabilities that they recommend you to update your password.

Code:
[1] https://bitcointalk.org/myips.php
hero member
Activity: 1050
Merit: 592
God is great
August 28, 2024, 06:05:36 PM
#27
I believe password management is one of the most important things for anyone who register accounts at various sites. I personally use different passwords on each platform only so I can be safe from data breaches.

I don't prefer any password manager to the ones who have a air gapped setup because they can literally save all their passwords as a text file and then save it on their air gapped system. It's that simple.
When it comes to password management it is better when you are your own password manager than relying on a password management that was designed by someone else. I think with this there is no privacy. It is very important that people needs to to take care of their password by themselves in a way that it will be safe and accessible all time. Though I haven't use any password manager app before to see how it works but I don't feel okay with this style of saving password.

Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.
sr. member
Activity: 308
Merit: 256
August 28, 2024, 01:49:53 PM
#26
Using different passwords, is a good thing and the best way to maximize the security of your passwords. What most people fail to understand that the human memory is due to mistakes and sometimes when we don't often make use of a particular term in this case passwords, it might mix the whole thing up. So we tend to forget. This is another reason why I don't advise brains wallets at all. We can't always rely on our memory as it sometimes fails. Using password managers is the best method to store your different passwords as well as increasing the security of your passwords.

I really agree with you on this, completely relying on our brain to store information that might be use frequently can be very problematic to remember, indeed a good proper password management can be very helpful since we can easily fall back to them at the time of need, storing off line in different locations should also be encouraged since we can not completely rely on our brain all the, and most times when the brain undergoes certain level of stress we are prone to forget something at the time we needed them the most. We shouldn't learn the hard rather we should learn from other people mistakes.
sr. member
Activity: 812
Merit: 436
August 27, 2024, 01:29:41 PM
#25
The management of password is what we should take with serious caution, its not by where or how the password is being store alone, but in what is used in storing them, many will think of the use of a password manager for storing their keys and passwords which is a complete wrong approach because they operate online and under a central authority, our password should be be only us can have access to without involving a third party in securing it.
newbie
Activity: 23
Merit: 0
August 27, 2024, 01:14:46 PM
#24
Password Managers

You should really consider adding Bitwarden to that list.

Thank you very much for the guides. I'll make a bookmark of it.
I'm sorry for asking questions that already have an answer, that was my mistake a s beginner.

You should also take a look at Bitwarden and the reviews.

Also you should bookmark https://ninjastic.space/search and https://search-beta.ninjastic.space/ for better search in this forum Wink
They have the potential to get you a lot of info, since a lot of beginner things were already asked in the past.

I have read that some people mentioned about ninjastic several times, but I kinda stuck with it and I'm still trying to figure how to use it effectively.

There are still a lot of things that I have to learn from this forum.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
August 27, 2024, 08:25:54 AM
#23
~snip~
What I'm saying is, like was said in the quoted section. It is good to use different password for different platforms for security purposes but we shouldn't rely on our brains alone but take proper record and a secured password manager can help with this (mind you is not the only method in keeping passwords).


I would not agree with the way you wrote it, because it seems to me like a very frivolous suggestion - the only correct thing would be to say that you should never use the same password anywhere, and I would also emphasize that you should always remember not to use any simple passwords or those that an attacker could "crack" if he has enough information about us. To clarify, if the attacker knows that you have children named Bob and Melinda, and if he knows their dates of birth, then he will definitely try to use a combination of those characters.



BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take only 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).
~snip~


I checked with one of the tools that test passwords, and to brute force such combinations would only take 7 months. If you add only one number to that combination, that time increases to 6 years, and with two numbers to 57 years. Of course, the time can vary depending on how many resources someone would invest in trying to brute force a password.
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
August 27, 2024, 06:15:42 AM
#22
BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take only 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).
Hive systems has its update on password security every year. This one is for 2024 update and you can bookmark it for future updates in coming years like 2025 and beyond it.

Quote
Just in case, long alphanumeric passwords with uppercase, lowercase and symbols is the way to go. And, as suggested by malwarebytes, enable 2FA when possible.
Set up a strong password is important and everyone should do it properly.

2FA is not a magical solution to secure your account if you don't know how to do it properly like your password. A bad practice of 2FA is don't back up the 2FA activation code (like don't back up your password), and install 2FA application on a same device on which you log in your email, your account. This practice will destroy your account and related fund, if that device is compromised or lost somehow.
legendary
Activity: 1064
Merit: 1101
August 27, 2024, 06:06:17 AM
#21
Experiences is quite an harsh teacher so is better you learn from others mistakes than yours.

Further recommendations would be appreciated. 


I saw your thread in Meta about forgetting your password. You went through a very rough time to recover your account. Using different passwords for all your accounts is ideal but remembering them all is also very important. Relying on our brains to store all our passwords is risky. The brain could malfunction due to health and other reasons. Alzheimer's disease, Parkinson's disease and ALS could cause brain loss. I have sometimes forgotten my password due to stress and anxiety. I am not very technologically inclined so I usually choose the simplest best option. I write down my important passwords and keep them in different locations just as I safely keep my wallet information. But I am open to new safer ways of keeping my information and I might implement some of the best options in this thread.     
legendary
Activity: 2002
Merit: 2534
The Alliance Of Bitcointalk Translators - ENG>SPA
August 27, 2024, 05:50:00 AM
#20
Two pictures are worth a thousand words:




Source: Malwarebytes on Twitter

BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take (edit: as long as) 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).

Just in case, long alphanumeric passwords with uppercase, lowercase and symbols is the way to go. And, as suggested by malwarebytes, enable 2FA when possible.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
August 26, 2024, 02:05:49 PM
#19
Password Managers

You should really consider adding Bitwarden to that list.

Thank you very much for the guides. I'll make a bookmark of it.
I'm sorry for asking questions that already have an answer, that was my mistake a s beginner.

You should also take a look at Bitwarden and the reviews.

Also you should bookmark https://ninjastic.space/search and https://search-beta.ninjastic.space/ for better search in this forum Wink
They have the potential to get you a lot of info, since a lot of beginner things were already asked in the past.
legendary
Activity: 2212
Merit: 7064
August 26, 2024, 01:40:17 PM
#18
Anything is better than using one password for all accounts and websites... and you would be surprised how many people are doing that all the time  Tongue
KeePass is a great open source choice for password manager, it can even be used to temporary save TOTP codes for 2FA, and it's not storing anything in other people computers aka cloud.
Just don't use KeePass or any other password managers for storing important bitcoin seed words, and use strong password.
hero member
Activity: 2282
Merit: 589
August 26, 2024, 12:47:32 PM
#17
I could remember you were inactive for some time. And i wondered what may have been the issue. However, welcome back to the forum.

Honestly, this has been a very concerning problem these days. I lost my phone recently and i could access my Gmail because i could not remember some passwords it was so painful because i though everything was cool not until I couldn't sign in at all. Up till these day i still regret why i didn't store my password physically or write it down.
You can still recover your email with the authentication code sent by your phone number or you can recover your email by sending a notification to your recovery email, unless your email is registered with an inactive phone number and there is no recovery email then you have no way to recover your email, I usually save my password data on my hard drive and I remember the password for my main email access so if I lose my phone then I can log in to my email with the password or recover to my recovery email.

I am not sure about using an application tool to save any account access, I prefer to save my password on my hard drive which is much safer than using a tool, but everyone has their own perspective to secure account data.
newbie
Activity: 23
Merit: 0
August 26, 2024, 04:56:48 AM
#16
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
August 26, 2024, 04:51:03 AM
#15
The secret question has been disabled for a long time, and anyone who wants to restore an account through it will be blocked.
It was disabled a long time ago since 2015 and it is an unofficial lock button. Ratimov used it to exit the forum.
PSA: ACCOUNTS WILL BE LOCKED IF THE SECRET QUESTION IS USED TO RECOVER IT

Just check out Ratimov BPIP profile, he obviously locked his account with via secret question trigger on December 29.
For someone who is allegedly died account he knows very well how forum is working, and he looks very much alive.
Anyway, it's finally time to stop talking about him.


https://bpip.org/Profile?id=2627711
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
August 26, 2024, 04:45:29 AM
#14
I was adviced by a reputable member of the forum on managing my passwords and was even recommended a password manager which I'm currently using.

Further recommendations would be appreciated. 

Not all password manager have equal security or convenience. For example,
1. Password manager application on your device (such as KeePass) require you to make sure your device is secure.
2. Few online/cloud-based password manager have bad history. For example, LastPass got hacked few times.

You also should consider using random password generator, which usually included by the password manager.
legendary
Activity: 2604
Merit: 2353
August 26, 2024, 04:26:48 AM
#13
No, I don't think this option has been disabled, otherwise it wouldn't appear anymore in the Account Related Settings menu. Besides that, you are right, your account will be locked if you use this option to recover the access of your account after forgetting your password. But you can unlock it by just showing a signed message from any address you've published in a post on the forum.

https://bitcointalksearch.org/topic/resetting-password-with-secret-question-will-still-lock-account-5438111
https://bitcointalksearch.org/topic/recovering-hackedlost-accounts-5089777
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
August 26, 2024, 03:51:23 AM
#12

So for you that have a short time memory to save things, all you need to do is have similar codes on your own that you will hardly forget and save some of the app so that you can have some privacy and not be fully dependent on apps that can run all you have worked for.

Wrong. Didn't you read the topic suggested by tranthidung in this topic? Anything you can remember is always subject to hacking. Passwords should be long, not have any semantic load, and include various symbols. This is done so that it is difficult for those who brute force (guess) passwords to hack.


But if you can't do that (or don't want to) you can use a convenient feature for Bitcointalk preventing to forget your BTT password : the Secret Question option.
You can find it in the Account Related Settings section of your Profile.


You are talking nonsense now. The secret question has been disabled for a long time, and anyone who wants to restore an account through it will be blocked.
full member
Activity: 448
Merit: 202
August 25, 2024, 04:00:44 PM
#11
Is there any tools or apps that could help us to manage and change passwords of various accounts that we have?

For someone who have short time memory like me, it's quite pain in the ass every time I try to login to a platform and I have to ask the email for passwords recovery because I keep forgetting the password.

Yea, you have a point, but when managing your password, you have to do that with caution. Not all passwords are saved in an app, although apart from apps, some browsers also save passwords, but that is based on your own permission because if you don’t approve it to save, it won’t save. But the main concern is the risk you are in when saving all your valuable passwords in an app because if someone has access to your device, that means all your information will be linked out. 
 
So for you that have a short time memory to save things, all you need to do is have similar codes on your own that you will hardly forget and save some of the app so that you can have some privacy and not be fully dependent on apps that can run all you have worked for. 
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
August 25, 2024, 03:31:59 PM
#10
Password management tools or apps won't exist if it doesn't help secure an account. That's why it is really important that a person should always take it to mind that the importance of proper password management would surely help someone make their account more secured and safe rather than doing nothing at all. Generating password may help but it would be useless if you forgot it hence that's where the tool comes in if you haven't memorized it yet. Having same password wouldn't be a good choice because if your private data is compromised then there's a possibility that your other account may get accessed by someone.
sr. member
Activity: 98
Merit: 55
August 25, 2024, 03:31:09 PM
#9
I could remember you were inactive for some time. And i wondered what may have been the issue. However, welcome back to the forum.

Honestly, this has been a very concerning problem these days. I lost my phone recently and i could access my Gmail because i could not remember some passwords it was so painful because i though everything was cool not until I couldn't sign in at all. Up till these day i still regret why i didn't store my password physically or write it down.
hero member
Activity: 784
Merit: 672
Top Crypto Casino
August 25, 2024, 02:26:19 PM
#8
I believe password management is one of the most important things for anyone who register accounts at various sites. I personally use different passwords on each platform only so I can be safe from data breaches.

I don't prefer any password manager to the ones who have a air gapped setup because they can literally save all their passwords as a text file and then save it on their air gapped system. It's that simple.
sr. member
Activity: 448
Merit: 560
Crypto Casino and Sportsbook
August 25, 2024, 02:05:24 PM
#7
Using different passwords, is a good thing and the best way to maximize the security of your passwords. What most people fail to understand that the human memory is due to mistakes and sometimes when we don't often make use of a particular term in this case passwords, it might mix the whole thing up. So we tend to forget. This is another reason why I don't advise brains wallets at all. We can't always rely on our memory as it sometimes fails. Using password managers is the best method to store your different passwords as well as increasing the security of your passwords.
Yeah managing passwords can be difficult sometimes. Passwords are used in almost everything that concerns funds or any stuff like apps that carry private information. Sometimes people find it difficult to secure their passwords because of the fact that they can easily hit generate passwords on their chrome browser when the login to website and web apps and then Google automatically saves the passwords for them.

However the truth is it seems to be safe and easy but it's a hell lot of risk as if your Google should be compromised you literally put all your accounts without 2FA  at risk.
Well I'm not surprised that the Blockchain isn't based on passwords rather it uses seed phrases, because if not wallet hacking and brute forcing would be the order of the day.
legendary
Activity: 2604
Merit: 2353
August 25, 2024, 12:17:21 PM
#6
I agree with you, it's better to use password-managers allowing you to generate different secured passwords for every websites you use, you can safely use the one from your browser(Google Chrome for example) for websites using 2FA or for not critical ones.
But if you can't do that (or don't want to) you can use a convenient feature for Bitcointalk preventing to forget your BTT password : the Secret Question option.
You can find it in the Account Related Settings section of your Profile.

sr. member
Activity: 336
Merit: 365
The Alliance Of Bitcointalk Translators - ENG>PID
August 25, 2024, 11:24:44 AM
#5
Using different passwords, is a good thing and the best way to maximize the security of your passwords. What most people fail to understand that the human memory is due to mistakes and sometimes when we don't often make use of a particular term in this case passwords, it might mix the whole thing up. So we tend to forget. This is another reason why I don't advise brains wallets at all. We can't always rely on our memory as it sometimes fails. Using password managers is the best method to store your different passwords as well as increasing the security of your passwords.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
August 25, 2024, 10:49:16 AM
#4
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
August 25, 2024, 10:47:52 AM
#3
Is there any tools or apps that could help us to manage and change passwords of various accounts that we have?

For someone who have short time memory like me, it's quite pain in the ass every time I try to login to a platform and I have to ask the email for passwords recovery because I keep forgetting the password.

I think it will be enough to read the advice from this post

You certainly missed the point that after registering an account, you need to carefully store your data so that there are no incidents, like the one that happened recently, when a person simply forgot their password.

Likewise, do not save your passwords in the browser, since all your cookies can be decrypted, and others can get the password for the forum.
The common advice for account security is using a strong password which is misunderstood by many people. Being unique is the first important specification of a strong password. Because if you use one password on many platforms for multiple accounts, no matter how strong that password is in length and character combination, it breaks basic rule for password setup.

If one platform is compromised, you will have risk of losing all of your accounts that have only one password.

[GUIDE] How to Create a Strong/Secure Password
Use Password managers.

And to save passwords, use password managers with an open source code (for example, KeePass, Bitwarden).  Or just save them in a blanket encrypted document.
Links to some password manager softwares are above.
newbie
Activity: 23
Merit: 0
August 25, 2024, 10:31:00 AM
#2
Is there any tools or apps that could help us to manage and change passwords of various accounts that we have?

For someone who have short time memory like me, it's quite pain in the ass every time I try to login to a platform and I have to ask the email for passwords recovery because I keep forgetting the password.
sr. member
Activity: 490
Merit: 397
Playbet.io - Crypto Casino and Sportsbook
August 25, 2024, 10:21:08 AM
#1
Jump to: