Password Managers- Good or Not?

[SPROINGY]

Hi All,
There’s been a lot of ‘stuff’ I’ve seen lately about using a Password Manager. I admit I haven’t delved into the issue in depth, not yet anyway.

I did see that they have their advantages- although I *suspect* convenience may be the main one. E.g., I *believe* if a hacker cracks your password, a Password Manager automatically generates a new password. And these days, there are more passwords to remember.

My issue with Password Managers are that they are likely hackable. Is anything on the ‘Net *not* hackable? If that happens, then the hacker will have access to all of your passwords, right? That alone is enough to put me off using a PW Manager.

I think storing your passwords *off* of your iPad would be *better security* (assuming you make good, strong passwords and change them regularly) than using a PW Manager. A hacker can’t get them then, at least not from your computer. Do you agree with my logic, or have I missed something or left some important detail(s) out?

In the end, I guess it’s up to an individual’s own situation that would be the deciding factor in making the choice.

Do you have an opinion about this? Thanks for reading!

 

[LannyC]

Yes, it's mainly about convenience: you only have to remember one PW, and everything is securely synched across all your apps and devices. You can also store non-password information securely.

No, they won't automatically react to hacking, though they make it easier to generate random strong PWs.

I've been using LastPass for years, happily paying them $2/month for the advanced features. If your iPad is your only computer, synching won't matter, but I find it handy to make a PW in Safari on my iPad and have it automatically work in Firefox on my Mac. I find LastPass more reliable, flexible, and transparent than the Apple Keychain.

Another popular manager is 1Password.

 

[Pinkpoison]

I've never used password mangers as I feel it's safer to have them in your head, I do have some in a note book but they wouldn't mean anything to anyone else.

 

[giradman]

Hello - you've already received some excellent responses - first, if you decide not to use a PW manager, then google (probably already done) 'how to make strong passwords' and read a number of hits (advice does vary and may even be contradictory at times) - if you follow the recommendations, then your passwords will be complicated, random, and not easily remembered (unless you use a mnemonic and/or a sentence).

Second, if you decide on a PW manager, then numerous ones are available; again, google for 'best password managers' and pick recent hits - MANY will be suggested, so decisions to make - some are free and others cost. For myself, I am using iCloud Keychain (and usually choose the 'random suggestion') and also 1Password - if interested, check the link for pricing. In addition, there is an excellent short book (2nd pic below) called Take Control of 1Password by Joe Kissell that is excellent in explaining the app. If you're interested in the latter option, again check their website - basically, I have a complicated but memorable single PW to open the app and usually allow selection of complicated PWs - good luck. Dave
.

 

[SPROINGY]

I've never used password mangers as I feel it's safer to have them in your head, I do have some in a note book but they wouldn't mean anything to anyone else.

Poisonivy, seems we’re on the same ‘page,’ so to speak. It’s entirely possible to keep track of your passwords on paper, in a manner that nobody but you would understand.

Just don’t tell anyone about it; after all, it’s nobody’s business but yours, and keep your notebook inaccessible to others. Then you should be good to go!

 

[SPROINGY]

Yes, it's mainly about convenience: you only have to remember one PW, and everything is securely synched across all your apps and devices. You can also store non-password information securely.

No, they won't automatically react to hacking, though they make it easier to generate random strong PWs.

LannyC, thanks for your reply! Please don’t take this the wrong way; I’m not being confrontational (I never will be, that’s not what this forum’s about), but I noticed you mentioned ‘securely’ a couple of times. Following the news tells me that *nothing* on the ‘Net is secure, so that would include PW Managers. Even governments get hacked!

I was intrigued by your assertion that “No, they won’t automatically react to hacking.” Really? How does that work?

It would be great if everything connected to the ‘Net was like that!

 

[LannyC]

I was referring to your statement "I *believe* if a hacker cracks your password, a Password Manager automatically generates a new password." A PW manager has no way to detect that one of your passwords is compromised outside the app and its environment. If you meant hacked on the PW manager company's server, not likely, because everything is encrypted before transmission. In the past there have been incidents, but the authors have since changed the software to prevent exposure.

 

[Pinkpoison]

Poisonivy, seems we’re on the same ‘page,’ so to speak. It’s entirely possible to keep track of your passwords on paper, in a manner that nobody but you would understand.

Just don’t tell anyone about it; after all, it’s nobody’s business but yours, and keep your notebook inaccessible to others. Then you should be good to go!

I'm sceptical and I think it's possible for hackers to find ways of hacking most things, they work on things constantly, it's what they do ....
No one can hack what's in my head though or decipher my random notes