Skip to comments.Vanity: Fun with passwords
Posted on 06/28/2014 9:02:26 AM PDT by Sherman Logan
I'm having more and more trouble keeping track of passwords on multiple sites. I would appreciate any advice someone might have on an app that would help me to do so securely and efficiently. I'm posting this because Freepers have an astonishingly wide range of knowledge and have helped me a lot in the past.
Here's what I'd like:
Android app that allows me to store all passwords and usernames securely, behind a single master password.
Easy, preferably automatic, syncing to my PC and the cloud.
Access to the stored info by phone, PC or by any computer or other device over the web as long as I have the master password and username.
Auto entry of the password, username and other information such as credit card numbers would be nice, if security is maintained adequately.
Preferably free, obviously, but for the right app I'm willing to cough up a reasonable fee to buy it. No ongoing subscription, though.
Help with spelling is apparently needed, too.
I just use NotePad text files (hundreds of them), stored in an external drive folder and several flashdrives. If you find a good app, share it, please!
Since virtually all passwords these days require a combination of letters/numbers/characters, an easy mnemonic are aircraft names, i.e. P-47Thunderbolt, B-26Marauder, etc.
Concur with KeePass. You can set it up to integrate with Pale Moon. And it is free. Also a version that runs off a USB stick.
I tried one of those do-all password keepers. It messed up my hard drive because it inserted itself in every possible program.
I returned to the old standby standalone Password Keeper. It is an old program that came with an MCI computer. The program is no longer supported, but it can be found one some old archival websites.
For browsing, I use the browser password keepers. They work pretty well.
As for android — I am looking forward to responses in this thread.
I use Keeper which is encrypted. It works well for me because I not only have all the usual passwords and user names but I have at least a dozen at work.
I am sure other programs work as well or better...this one works well on my android phone.
That looks like some of the responses I get when bank/financial institutions and utilities change their log-in screens.
The author wants an electronic device, with a doo-dad program, to control the passwords of all his electronic places????
Suggestion: go to Jane’s Aircraft systems book, any year. Pick a system, be it avionics, hydraulics, mechanical. Choose the complete alpha-numeric number, with parentheses, and make it THE password, minus the parentheses. THEN, use a (+1), (+2), (+3), etc, in the order of importance, to the author!
Just get an old school address book, and enter the webpages by name and passwords.
1.a pen and ink book, you might lose, if you have butter fingers, but it can never be hacked.
2. If it’s electronic, it can be hacked!
The NSA thanks you for letting them know how to crack your passwords.
My cellular is an old flipfone, too. I don’t get or make many calls so it is fine.
My cellular company is expanding to include web access. I am not sure I like the newer phones. I have enough trouble reading my current flipfone screen, because it is too small. If I went with a bigger screen, it would not be convenient to carry around.
Flipfone is fine.
Whoever wants you already has you.
You might try something like:
one_basic_pwd_fr for “FreeRepublic,”
one_basic_pwd_mybank for your bank,
one_basic_pwd_work for your workplace,
I didn’t write this but the suggestion for using an old nursery rhyme is a good one.
Thanks. That’s exactly the type of information I’m looking for. Do you remember the app?
What gives me grief too are the “security Q&As”, especially the ones on bank accounts. If you fat finger a response or get the capitalization wrong or any other errors, you get locked out of your money after more than 3 attempts to get it right. This is especially difficult when the account is in a financial institution that is online only, no brick and mortar locations. Beware of placing your money in any institution which has no local office where you can go to for help.
Oh, I’ve tried that approach, though not with aircraft.
Problem is that you (or I, anyway) forget which variant I’ve used with which website.
I said that was an easy mnemonic lol. Not one I use for my computer passwords. In any case, the nsa is tracking your keystrokes anyways...
I have an old app called Access Manager.
It is a pass-worded app that allows for easy access to all my user names and passwords.
Mine is over 10 years old, but a quick search shows a possible similar free one: http://www.accessmanager.co.uk/
I’ve already tried that approach.
“Password” seemed to work well, but sites are now requiring upper case, numerals, etc. Which messed up my system.
Old-fashioned me also keeps passwords written. I typed them in a list,on regular paper, made copies, and keep them where they can be reached easily. (One is between books beside the ‘putter) Only I know where it is, plus a few thousand FReepers!
I think it was LastPass.
I had to re-image my hard drive afterward. Even trying to uninstall it did not work.
Our company (huge) suggest our passwords be our first/last initials + birthdate (mo/yr) + last two digits of SSN, with the letter of our last name capitalized. This passes most password tests as ‘strong’. If someone makes you change your password, just make a onomonapoeia (sp) of this password, i.e., spell it backwords.
After many many years I settled on using an excel spreadsheet that requires a password to open it.
The reason is that it’s not just ‘username’ and ‘password’ you need ... there are pins, sometimes security questions which don’t fit your life, other ancillary data.
A couple years ago I moved the password encryped excel spreadsheet to a Google Docs spreadsheet (Google’s version of Excel) - that way I can grab it from a phone, ipad, computer, even someone else’s computer or phone in a pinch. (Google Docs is https - secure http)
This is the only method I know that covers all situations.
(it’s also handy for storing shopping lists, especially for measurements of things around the house for when you go to Home Depot because you can pull it up on your mobile phone at the store when you’re looking at 700 different sizes.)
Also, you can pick a base password that contains most or all of the required characters like “M0t0rBo4t” or something -> and then append 01, 02, 03 for those that you have to change every 90 days - like your windows network password at work.
The password programs like KeePass and LastPass are good sometimes, but they can be simplistic, and if you leave your computer open while you have those programs autosuggesting passwords, it’s going to suggest that password where the person goes.
With an excel file (password protected,) or Google Docs to access it anywhere, at least you have a single, flexible, place, available from any device, secure http, to get this information.
Could Google steal your file? If someone wants your passwords, they’ve got ‘em already. That’s a chance I’m willing to take, and any app that gives you your passwords on demand anywhere ... means they are stored in the cloud anyway.
That said ... if anyone knows a better solution that offers everything I listed ... I’ll change to anything that works long term. So far, I’ve been doing this for 6 years ... tried all the other solutions during those 6 years.
The key, if you have 10 - 20 passwords (and usernames) is to settle on a scheme that no one is going to guess (animal names using numbers for letters like “M0ng00s3” is popular.
Otherwise you wind up writing all your disparate passwords on stickies near where they’re used, which I’ve seen even some IT people do, or, each month, you think of a new neat scheme, and by the end of the year, you’ve got 6 schemes and you can’t remember which you used for that password.
Good luck. I only write a lot because it’s been a long journey to finding something that works. Hope some o that helps.
I put all of mine on sticky notes under my monitor. Works great.
I have DropBox running on my Mac, Windows, Linux, and Android (phone) machines.
I then installed 1.X database compatible versions of KeePass on all of these computers. I later tried 2.X database compatible versions, but the Mac version ran too slow, so I went back to 1.X.
Anyway, I store the KeePass database in a folder within Dropbox. I’ve then configured all of my copies of KeePass to use this database. KeePass prevents more than one copy of writing to the same database, and DropBox takes care of keeping all of them synced.
It’s not perfect, but it works.
O damm I do the same thing..
Cap the first letter of your word and follow it with a number
If they torture me I'll give it up in a heartbeat.
Sounds like a good system. With KeePass it does have a notes section for security questions, etc.
As for security questions, I read of one solution that’s easy to remember. Use the same answer for everything, regardless of the question. First dogs name: FreeRepublic. Grade school: FreeRepublic. Mother’s maiden name: FreeRepublic. Sarah Palins email was hacked by someone who accessed the account by figuring out the answers to the security questions.
Amen, amen, amen
It is handy to have these things on the road & not just at home.
WINDOWS: Please enter your new password:
WINDOWS: Sorry, the password must be more than 8 characters.
USER: boiled cabbage
WINDOWS: Sorry, the password must contain 1 numerical character.
USER: 1 boiled cabbage
WINDOWS: Sorry, the password cannot have blank spaces.
WINDOWS: Sorry, the password must contain at least one upper case character.
WINDOWS: Sorry, the password cannot use more than one upper case character consecutively.
WINDOWS: Sorry, the password cannot contain punctuation.
WINDOWS: Sorry, that password is already in use.
For the least important web sites I use the first four letters of the site, a number combination (always the same), and the same special characters. For instance, FR would be “free1234$$”.
For more important websites I have another set of rules but similar.
You don’t need an app. Use one password. Change it every 3 months. Make it an acronym you can remember and use leetspeak. Something like:
“It was a bright cold day in April, and the clocks were striking thirteen.” ~George Orwell, 1984
But not so famous because then I could hack you. Heh.
Or use three acronyms: one for business, one for e-mail and social media, one for everything else.
Last Pass works well for me.
Probably the safest thing to do is write them down and stick the list in your desk drawer. How often do people break into your home to steal passwords?
I also have the spreadsheet itself password protected.
I have an old worn Little Oxford Dictionary on a table near my laptop and I have passwords written on some of the back pages. There is not enough info for anyone else to know what I am talking about.
My “Password” for “Papa Johns” pizza is “PapaJohns” and a few numbers.
For Dominoes it’s “Dominoes**” again, with a few numbers.
and on and on.
All I need to remember is the different set of numbers at the end.
That's why I use "Pa$$w0rd". No one could guess, and it meets all the security requirements.
Another option is some variant of "TrOtPtKaBaSnBi" (the right of the people . . . shall not be infringed) with perhaps a 1 for the I or a 0 for the O, with as someone said an _sitename at the end. I don't use a password manager because I don't like putting all my passwords in one place (except here on FR where they are completely secure, of course!).
I use geometric passwords. They are meaningless, but easy to type. I learned this from a teenager years ago. Example:
Try it on your own keyboard and you’ll see what I mean. If they made me change my password, I’d change it to: