Password Managers - Your Expereience?

How do you store your passwords?

  • Digital Manager ex. Dashlane, LastPass, Zoho, ect.. (Secured Encryption)

    Votes: 15 57.7%

  • I Write My Passwords in my Diary (Secured with $3 padlock)

    Votes: 2 7.7%

  • I'm Super Smart and Remember ALL my Passwords (Secured in Brain)

    Votes: 7 26.9%

  • I'm Lazy and Use One Password For Everything (Secured by Simplicity)

    Votes: 2 7.7%

  • I'm a Lurker And Can't be Bothered to Create an Account and Password (Unsecured)

    Votes: 0 0.0%

  • My Passwords Are So Complex That I Forget Them And Reset Frequently (Secure!?)

    Votes: 3 11.5%

  • I Use TOR + VPN + PGP + 2FA + New Electronics Every 48hrs. (DreamMarket Top Seller Secure)

    Votes: 1 3.8%
  • Total voters
    26
Coastline17

Coastline17

Regular Member
Joined
Oct 26, 2019
Messages
349
Reaction score
134
Im contemplating the use of password managers. Ones like DashLane and other digital managers. This is in light of a recent event in which one of my credit cards was compromised as well as a login to a site I frequent, most likely due to a weak password.

Has anyone had any experience with these digital password managers? How secure are they? What if they aren't online? Go bankrupt?

If you do use one or have had experience with them, could you recommend the best one and your reasons why?

Is it just better for me to write my passwords down?
 
Advertise on BHW
Coastline17 said:
Im contemplating the use of password managers. Ones like DashLane and other digital managers. This is in light of a recent event in which one of my credit cards was compromised as well as a login to a site I frequent, most likely due to a weak password.

Has anyone had any experience with these digital password managers? How secure are they? What if they aren't online? Go bankrupt?

If you do use one or have had experience with them, could you recommend the best one and your reasons why?

Is it just better for me to write my passwords down?
Click to expand...
Preferably to write them safe - I personally use Bitwarden - German technology - i never got disappointed by a German :)
 
After being hacked several times for using the same passwords in all the sites, I'm starting to switch to a password that I can remember + that has my own "algorithm" built in and it's easy to decipher for me.

For example, this can be as simple as, using a little complex password like a combination of two of three elements you might remember. Then you count the letters in the domain (blackhatworld, 13) and you multiply by a number you like (for example 3)

Then the result is your "complex password" + 39
There are obviously more options that can provide more uniqueness, this is just something that I have made up for the example.

But the important thing is that ultimately you might have an unique or nearly unique password for each site you login and you don't have to save it anywhere, just in your brain.
 
SirLouen said:
After being hacked several times for using the same passwords in all the sites, I'm starting to switch to a password that I can remember + that has my own "algorithm" built in and it's easy to decipher for me.

For example, this can be as simple as, using a little complex password like a combination of two of three elements you might remember. Then you count the letters in the domain (blackhatworld, 13) and you multiply by a number you like (for example 3)

Then the result is your "complex password" + 39
There are obviously more options, this is just something that I have made up for the example.

But the important thing is that ultimately you might have an unique or nearly unique password for each site you login and you don't have to save it anywhere, just in your brain.
Click to expand...
Wow, I haven't been hacked before, but your story does motivate to not be soo lazy. Fortunately, i don't really have much to lose :))
 
You should definitely use a password manager.
Which one depend on your usage and how much you can risk your account.

I would recommend using an offline password manager like KeePass, but if you're logging from many different devices and your account are not that worthy (ie. a bhw account for instance), you can try online password like Dashlane or whatever... With the risk of dataleak & co. though ;)
 
Won't mention the service I use for obvious reasons,

But there was a discussion here about the future of encryption with the advent of quantum computing and passwords..

Random non dictionary words are the best, you are far better off with a word that does not exist in the dictionary.

Use a tool as such to evaluate a pass similar to yours. Don't add your real one as it will be added to a database of passwords.
 
jhonnyjoker888 said:
Wow, I haven't been hacked before, but your story does motivate to not be soo lazy.
Click to expand...

I was even hacked here in BHW last summer because of this and had some issues with a member that was scammed on my behalf by the hacker. Pretty disturbing :(

Also never forget to activate 2FA everywhere! It's a lifesaver.
 
SirLouen said:
I was even hacked here in BHW last summer because of this and had some issues with a member that was scammed on my behalf by the hacker. Pretty disturbing :(

Also never forget to activate 2FA everywhere! It's a lifesaver.
Click to expand...
Thanks for the tips. Never can be to safe, right? :))
 
My answer wasn't on the poll so, I couldn't vote! I use Notepad & MySQL table. Also, brain is not so secure, FYI. Under hypnosis, people reveal strange things! I prefer a random typed password.
 
For a long time I've been using KeePass portable for passwords, credit card info, ssl keys for my sites, addresses, etc.

I keep a copy in my pen drive that I take along when I leave the house.

I also encrypt a copy with winrar, rename it (e.g. screenshot_2345.jpg) then send it as attachment to my own email addresses.

I never trust online password managers. My passwords always stays close to me.
 
I use Lastpass for all my passwords. It's good. It doesn't store passwords on their servers. The only way to access is to have the master password, otherwise, all passwords will be encrypted.
 
2FA + Custom Unique passwords that you can decode by looking at url or the site.

That's what i follow.
 
Casting another vote for LastPass. I've used it for years and never had an issue, even when I needed access via my phone when I had never used it from there before.
 
ciupanezul11 said:
Preferably to write them safe - I personally use Bitwarden - German technology - i never got disappointed by a German :)
Click to expand...
As a German, I use LastPass and didn't get disappointed yet.
Maybe the secret developer of LastPass is also a German ;)
 
I already voted.

I dont really trust on LastPass, what if your LastPass account gets compromised? You will hand all your passwords to the attacker?
 
SirLouen said:
After being hacked several times for using the same passwords in all the sites, I'm starting to switch to a password that I can remember + that has my own "algorithm" built in and it's easy to decipher for me.

For example, this can be as simple as, using a little complex password like a combination of two of three elements you might remember. Then you count the letters in the domain (blackhatworld, 13) and you multiply by a number you like (for example 3)

Then the result is your "complex password" + 39
There are obviously more options that can provide more uniqueness, this is just something that I have made up for the example.

But the important thing is that ultimately you might have an unique or nearly unique password for each site you login and you don't have to save it anywhere, just in your brain.
Click to expand...
This.

I personally don't see the need of password managers. The browser can be trusted with the passwords of not too important sites. For important sites i have a non-guessable base password and i vary it making letters lower case/upper case, using numbers and special characters. You can have an infinite amount of passwords from one base password. For the sites where you login frequently, you memorize passwords anyway. If not, you either have around 10 shots, before you're getting locked out temporarily or you can simply ask for a reminder sent to your email address. And yes, on all the important places where i can, i use 2FA.

Chrome has a cool new feature, if you let it save your passwords. When you login to any account of yours with an email + password, which was compromised before, Chrome prompts you to review/change the password and after a short process, Chrome gives you a list of sites, where you use an unsafe/compromised email + password combo. Google must have a huge database with all the known leaks/hacks (maybe from haveibeenpwned) and they're working from that.
 
I use a password manager for everything BUT the bank account
 
Advertise on BHW
You must log in or register to reply here.
Sign up now!

Main Menu

Home Main Forum List Black Hat SEO White Hat SEO BHW Newbie Guide Blogging Black Hat Tools Social Networking Downloads

Marketplace

Account Selling Content / Copywriting Hosting Images, Logos & Videos Proxies For Sale SEO - Link building SEO - Packages Social Media Social Media - Panels Misc

Making Money

Affiliate Programs Hire a Freelancer Making Money Pay Per Click Site Flipping

BlackHatWorld

BHW Merch Forum Suggestions & Feedback Introductions Lounge Dispute Resolution

Other

Domain Name Forum IM Journeys Web Hosting Newsletter
Back
Top