Password managers or passwords from memory

SuperMariob

newbie

Activity: 56

Merit: 0

Quote from: Z-tight on June 30, 2022, 04:26:33 AM

Creating a password is very important, weak passwords means hackers can easily gain access to your accounts, and many of us have a lot of online accounts across different platforms, so creating a password for each account, including emails becomes a task. There are two ways of creating a password, either through your brain or with a password manager, like keePass for example.

The purpose of this topic is to know which of the two ways this community thinks is the safest!!!

If you create passwords from your mind it will have to be complex so hackers can't get it, and it will be difficult for you to remember so you'd have to write them down on paper, because if you save them in your email or online, then it is unsafe, but what of in a situation that the paper you used to back up your password is misplaced or damaged, what are the additional back ups for people who use this method to ensure their passwords are safe forever.

Password managers seem to be the safest, for those who use them, what are the 'do's and dont's', i do not have too much experience with password managers, so can anything go wrong when using them? Any knowledge or experience you have on password creation will be appreciated so others can learn from it.

I never really trusted password managers. I don't like the idea of giving all my password to a software. If it gets hacked....all my passwords are gone.

Accardo

hero member

Activity: 1260

Merit: 561

Leading Crypto Sports Betting & Casino Platform

The best thing is, do that which works for you. I remember forgetting the password of an account I logged into everyday. Not that the account is saved on the system, I entered password everyday and one faithful morning I forgot the password. So, the brain sometimes fails to recall things. Password manager I don't recommend for a sensitive account like wallets. Password manager can serve other social accounts that means nothing to your personal information or funds. Though, to escape hackers, use 2fa to backup sensitive accounts. And be careful with whatever backup you are using so that you won't bite yourself. Keep your phone numbers, email or google account used for the backup very safe.

KingsDen

legendary

Activity: 1260

Merit: 1079

Goodnight, o_e_l_e_o 🌹

Quote from: Alisha-k on July 04, 2022, 07:06:16 AM

It all depends on how good you are at memorizing complex characters and alphanumeric keys. I prefer password from my memory a million times to password managers. Since i make use of Characters, numeric keys and special characters i feel secured with my passwords, except this password managers are generated offline else no way

For how long can you trust your memory? The human memory is already being over-used for processing daily tasks, for work at office, memorising your relatives names, possibly for knowing the name of your country/state and the name of the president. You may think that it is normal for your brain to store all these. But take your brain like a computer memory, each thing you memorise is either running in KB, MB or GB. So, it is important to relieve the brain of some certain responsibilities.

Personal I have 5 strong passwords(alphanumeric and symbols) that I memorised. I categorised them as normal, secured and most secured. I apply different passwords depending on how important I percieve the website is. But now I'm trying a way to get them off my memory.

Alisha-k

member

Activity: 840

Merit: 23

It all depends on how good you are at memorizing complex characters and alphanumeric keys. I prefer password from my memory a million times to password managers. Since i make use of Characters, numeric keys and special characters i feel secured with my passwords, except this password managers are generated offline else no way

AakZaki

legendary

Activity: 2338

Merit: 1084

zknodes.org

Quote from: jamyr on July 03, 2022, 09:46:59 AM

Another safe way would be to create your own password manager in a secondary device that doesn't connect to the internet. If I am not mistaken, they call it like air-gap something...

This maybe a lot of work for password managing but I believe it to be very effective.

yes it is more effective with methods like airgrab because this password manager is not connected to the internet. Devices that are still connected to the internet are still vulnerable to malware and hacking.
And some other offline storage can also use notes on a piece of paper or a special book that is stored properly.
The ultimate security depends on the user and the device, if the user is negligent and the device is easy to hack, then any way will be useless.

jamyr

sr. member

Activity: 1764

Merit: 373

<------

Another safe way would be to create your own password manager in a secondary device that doesn't connect to the internet. If I am not mistaken, they call it like air-gap something...

This maybe a lot of work for password managing but I believe it to be very effective.

Dunamisx

hero member

Activity: 952

Merit: 555

Quote from: Z-tight on June 30, 2022, 04:26:33 AM

Creating a password is very important, weak passwords means hackers can easily gain access to your accounts

I think it's not all about having a long password that the user may apparently find difficult to remember but rather having a combination of alphanumeric use for password, this is one of the strongest ways we can secure ourselves against an attack because using an ordinary name or some common to us can be easily guessed by someone close to us, here are some common mistakes made by users about password combination.

First scenario, they uses a common number sequence of 0-9
Secondly, they make use of repeated numbers like 55555 which is in five place or more using any other number, lastly they use alphabetical words like their surname, mother's name, father's name, and names of common things that are favourite to them, these are some of the ways users creates vulnerability for an attack all by themselves unknowingly.

Lida93

hero member

Activity: 742

Merit: 529

Leading Crypto Sports Betting & Casino Platform

Mind you Password manager are not totally free from experiencing a crash like every other systems too. So its much safer to have a password out of your memory, one that's reliable and you can easily remember through attachment of the figures and letters of the password to things important in your life.
Remember you can't crash expect death but a system can at anytime.

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

There are several sites that offer to check the strength of your passwords.
Although you should be completely skeptical, you should also not trust these sites with your passwords. But having understood the principle of a quality password, which they speak of as reliable, it is easy to create another one in the same format.

https://www.security.org/how-secure-is-my-password/
https://password.kaspersky.com/

Lafu

legendary

Activity: 3136

Merit: 3213

Quote from: Note3 on July 01, 2022, 10:58:11 AM

Until now never use password manager or any kind of that, I just create password manually and always combined with lower upper cast also special characters, and write down all in notepad save in computer or flashdisk, I think this is a safe ways for me.

Thats not the safest way and very risky . Also if you get hacked or your computer gets compromised from Malware or Virus thats the first things the Malware Software is looking for.
The program searches the foulders in Notepad and all other foulders and how they are written or if they locked with a password.
If notepad is setup normaly you just have to open it and the last edited windows and things are open still there if you havnt closed them.

I would advise to never safe passords and keys in a file on the PC , write it down manual to paper or something.

Davidvictorson

hero member

Activity: 1120

Merit: 887

Livecasino.io

The issues I have with a password manager is that many of the most widely used password managers are proprietary software, they are owned and operated by a private company and I am not able to view the source codes of how my password is stored, the type of encryption used. It cannot be verified. In addition, a data breach of the server is likely if it is stored in the cloud. However, unless the password has been encrypted then nothing can be done with the password if there is a hack.

Note3

member

Activity: 117

Merit: 10

Until now never use password manager or any kind of that, I just create password manually and always combined with lower upper cast also special characters, and write down all in notepad save in computer or flashdisk, I think this is a safe ways for me.

Rruchi man

legendary

Activity: 1456

Merit: 1108

Use chips.gg

Quote from: Z-tight on June 30, 2022, 04:26:33 AM

The purpose of this topic is to know which of the two ways this community thinks is the safest!!!

In my opinion they can both be considered safe and unsafe depending on the person using them. For password managers, they are susceptible to malware attacks from cyber criminals that can steal your master password and as a result gain access to all the passwords stored within, they can be considered safe for those with some tech awareness, and unsafe for those without any tech knowledge/awareness, those who have no idea when their device is under a malware attack. While for those who choose to play it safe and avoid hackers hence use passwords from memory can easily be disappointed by memory and mix up the passwords for different accounts or even forget some passwords. Using one password from memory is also not advisable, rather create a pattern that you use in setting unique passwords for any account, so whenever you remember the pattern you can easily recall your password.

tranthidung

legendary

Activity: 2310

Merit: 4085

Farewell o_e_l_e_o

Quote from: ?? on ??

We should admit that password nowadays can be crack no matter how hard it was using brute force software so choosing the best password is least of my concern

If you set up a long, strong and unique password, it's very hard to brute force it if you don't leak any part of it.

Quote

using secondary security such as sms verification and 2fa to enhance my security to maximum level that hackers can’t penetrate unless he has access to my phone. But all this hack event is only possible if you share your login details or you download malicious software that will give the hacker your login details.

You can use Yubikey as one of secondary protection.

Some people store 2FA and account password on the same device. It is not a good practice as it violates a basic that 2FA should be on different device and you should not store all eggs in a single basket.

If you login your email, your exchange account and install its 2FA on a same device, what will happen if you lose that device? 2FA can not protect you in this case if exchange does not detect suspicious things and ask for additional KYC before approving withdrawal request from that device.

xSkylarx

hero member

Activity: 2366

Merit: 594

Quote from: ImThour on June 30, 2022, 05:26:03 AM

I don't use any password managers as I have a good enough memory to keep them safe in my mind however I do use a similar password for multiple websites.
That might be an issue but cracking it at first is the big deal. I am not sure If Password Managers are a good option or not, my iPhone's Facecam does a really great job though.

Same for me, I haven't considered using password manager since I started to learn about crypto 6yrs ago. I just wrote them on a piece of paper, make multiple copies of it then store it on a safe place that I only know. So far, none of my accounts have been lost or hacked yet. I'm also very careful in visiting malicious links or opening files that can spread malware on my device. Password Manager are only a good option if you have some private account or huge assets that you really want to protect but if they have nothing to steal from you then it's not necessary to use it.

gagux123

hero member

Activity: 1554

Merit: 814

The Alliance Of Bitcointalk Translators - ENG>POR

Quote from: Munir575 on June 30, 2022, 05:23:26 AM

Choose LastPass or Bitwarden if you want the best free password manager. Dashlane is a good option too if you want something that's more than a password manager because of its wide range of security features and it provides more use than almost any other password manager.

some time ago I also used LastPass, I found it easy to use and very intuitive.
But unfortunately LastPass has already been hacked several times.
After that, I don't have much confidence in this password manager because of these events they had with LastPass

More info
"LastPass users are skeptical after company insists it wasn't hacked" - https://www.inputmag.com/culture/lastpass-denies-hack-alerts-users-of-security-breach

Another tool that is also interesting to use, is 2FA, because this is important nowadays. It's simple to use and it will give you an "extra layer" of security.

Maus0728

legendary

Activity: 1904

Merit: 1563

I've been using Bitwarden for a while, and so far I haven't noticed or run into any major or minor issues. All of the passwords kept in Bitwarden are alphanumeric characters with a mix of symbols, capital and lowercase letters, making them virtually impossible to remember.

The interesting part about PM is that you may fiddle with the password character length up until the website screams that "the password is too long" for their database to store;D. Besides, it is intriguing to examine the website's quality to determine whether it can keep complex passwords or not.

Smartvirus

legendary

Activity: 1554

Merit: 1139

Quote from: Z-tight on June 30, 2022, 04:26:33 AM

Password managers seem to be the safest, for those who use them, what are the 'do's and dont's', i do not have too much experience with password managers, so can anything go wrong when using them? Any knowledge or experience you have on password creation will be appreciated so others can learn from it.

I think the most important key to a safe password is not in the creating of a password that can't be guessed by anyone or brute forced by anyone. A mean, you can create a supper complex password bt mixing random alphabets using upper and lower case, numbers and special symbols in a completely randomised manner. It's nothing far from what the password managers do. The most important task for creating a password is in you ability to memorise and be able to reproduce it. If you can't, then you've ended up securing an account and you no longer own it

Am no big fan of password managers, not that I don't trust it as I find them to be supper complicated and can't he easy guessed as opposed to creating passwords out of your brain but, getting to memorise it and reproduce it out of memory could be tasking bacuse, its got zero relativism as per clue to its guessing. I'll go with my brain anytime and have got my ways to archiving maximum security.

tranthidung

legendary

Activity: 2310

Merit: 4085

Farewell o_e_l_e_o

You can use any mean to store your password, passphrase, mnemonic seed, private key but it should not be memory and should not be online. You can use either password manager, paper, metal sheet and more but it must be offline one and not be your memory. Your memory can be lost when you are ageing or get an accident. Online places are dangerous because you will be exposed with more risk.

Some people store their password in Gmail, in their social media account like Facebook, in Telegram, in cloud storage service. All of these are very bad practically.

[GUIDE] How to Create a Strong/Secure Password

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: Z-tight on June 30, 2022, 05:59:27 AM

Is there any particular reason you don't trust password managers, even the ones that are open source? Any past experience, or because you are old school, or you just have a method that has worked for you down the years.

For starters, I'm not a person who needs to have hundreds of passwords, and that's where some see the advantage of a password manager. I just feel more secure if my password is completely offline than being stored by any software, no matter how secure someone thinks it is. In addition, there have been many different revelations about how some password managers have been hacked or found to have serious vulnerabilities - which means that user passwords are always at risk to be hacked.

Topic: Password managers or passwords from memory (Read 347 times)