Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Should You Use Password Managers?

Posted by BeauHD on from the actions-have-consequences dept.

New submitter informaticsDude writes: What do Slashdot users recommend regarding the use of password managers? The recent election underscored the hackability of many personal accounts. One solution is to use different passwords for every digital experience. But, of course, humans are lousy at remembering large numbers of large random strings. Another solution is to use a password manager. However, password managers have been hacked in the past, in which case you lose everything. How do Slashdot users balance the competing risks? What is a person to do?

4 of 415 comments (clear)

  1. Should You Use Password Managers? by Anonymous Coward · · Score: 5, Insightful

    Yes.

    1. Re:Should You Use Password Managers? by Aighearach · · Score: 5, Insightful

      While I share the distrust of the browser storage, I also don't trust of the OS or gui system to protect the clipboard.

  2. Use a Local Not a Remot Passwords Manager by DERoss · · Score: 5, Insightful

    Some password managers rely on remote servers or the cloud to store your password. That is risky for two reasons. (1) A service holding passwords for many users is a more likely target for hackers than your own individual computer. (2) If the server or cloud service goes down even temporarily, you are stuck without your passwords.

    You should choose a password manager application that is installed within your computer and does not rely on you having an Internet connection. The application should use a master password -- actually a master pass-phrase -- to encrypt the individual passwords. That master pass-phrase itself is not stored anywhere. Instead, if it is entered incorrectly, it fails to decrypt any passwords. By "pass-phrase", I mean a longer expression containing blanks, punctuation, etc.

    Note that Mozilla-based applications have internal password managers that reflect my second paragraph above.

  3. Re:PasswordSafe by paulatz · · Score: 5, Insightful

    Except that many websites do not accept very long passwords, and most will require it to contain an upper case letter and/or a number, and may even bitch if you put the upper case at the beginning and the number at the end, at which point you put them somewhere else and you forget the password the moment you press "ok".

    --
    this post contain no useful information, no need to mod it down