What is the most safe place to keep our "Bank Infos & Backup Codes?"

Discussion in 'BlackHat Lounge' started by ShiningWarrior, Jun 12, 2018.

  1. davids355

    davids355 Moderator Staff Member Moderator Jr. VIP

    Joined:
    Apr 25, 2011
    Messages:
    12,134
    Likes Received:
    10,113
    Location:
    Scotland
    Home Page:
    The safest place? Print the codes in paper, roll them up and put them in a charger. You know the rest.
     
    • Thanks Thanks x 1
  2. aidenhera

    aidenhera Elite Member

    Joined:
    Nov 30, 2016
    Messages:
    2,573
    Likes Received:
    661
    Gender:
    Male
    nah they would probably sell your data for anythinng that exceeds their monthly premium offer price
     
    • Thanks Thanks x 1
  3. Asif WILSON Khan

    Asif WILSON Khan OG Blue Tick Exec VIP Jr. VIP

    Joined:
    Nov 10, 2012
    Messages:
    13,907
    Likes Received:
    38,402
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    The encryption is stored locally
    Local-only encryption.
    Your data is encrypted and decrypted at the device level. Data stored in your vault is kept secret, even from LastPass. Your master password, and the keys used to encrypt and decrypt data, are never sent to LastPass’ servers, and are never accessible by LastPass.
    https://www.lastpass.com/how-lastpass-works
     
    • Thanks Thanks x 3
  4. aidenhera

    aidenhera Elite Member

    Joined:
    Nov 30, 2016
    Messages:
    2,573
    Likes Received:
    661
    Gender:
    Male
    what if i want to retrieve these passwords using other PC? impossible without transferring files manually?
     
  5. Asif WILSON Khan

    Asif WILSON Khan OG Blue Tick Exec VIP Jr. VIP

    Joined:
    Nov 10, 2012
    Messages:
    13,907
    Likes Received:
    38,402
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    The only password you need to remember is the master password and then you can access the passwords from anywhere including the cloud.
     
    • Thanks Thanks x 1
  6. ShiningWarrior

    ShiningWarrior Regular Member

    Joined:
    Mar 17, 2018
    Messages:
    422
    Likes Received:
    122
    Gender:
    Male
    Occupation:
    Online Hustler
    Location:
    World Wide Web
    This and it's the same for Dashlane too. Don't know if its the same for other pass managers.
    The only way to unlock those passwords, secured notes, credit card details, bank infos and anything that you have saved using LastPass/Dashlane is by putting the master password. If you forgot your master password, then you are screwed. Not even dashlane/lastpass can help you retrieve that. :)
     
  7. tehnikumapuika

    tehnikumapuika Senior Member

    Joined:
    Jan 22, 2013
    Messages:
    846
    Likes Received:
    408
    I'm Using KeePass for all my passwords. As I know, no one can hack that database.
     
    • Thanks Thanks x 1
  8. mhtro

    mhtro Registered Member

    Joined:
    Dec 3, 2017
    Messages:
    64
    Likes Received:
    14
    In a note that is hidden somewhere in my house
     
  9. underachieved

    underachieved Power Member

    Joined:
    Aug 24, 2010
    Messages:
    675
    Likes Received:
    218
    Occupation:
    IM
    Location:
    Instagram TOS Department
    Encrypted Password Manager + Bi-Weekly backup dump to offsite server that only has internet connection when backing up data. Has a physical timer that cuts off network connectivity when not in Backup schedule.


    This allows me to have a true offline, offsite backup solution. Its only online when I need it.
     
  10. aidenhera

    aidenhera Elite Member

    Joined:
    Nov 30, 2016
    Messages:
    2,573
    Likes Received:
    661
    Gender:
    Male
    but then it means they are retrieved from server
     
  11. ShiningWarrior

    ShiningWarrior Regular Member

    Joined:
    Mar 17, 2018
    Messages:
    422
    Likes Received:
    122
    Gender:
    Male
    Occupation:
    Online Hustler
    Location:
    World Wide Web
    Utilize that mind in doing something productive and NOT overthinking stupid thoughts bro.

    Seriously, no one can retrieve your shit. The passwords, as well as everything, is encrypted into unreadable characters which can be unlocked only by using ur master pass. If you lose the MP, you are f#cked. And even then no one can decode those encryptions. Hope that makes some sense.

    Thought to clear that out but not gonna reply you back anymore and waste my time.
    I would have chosen KeePass but the interface is ugly compared to Dashlane and LastPass.
     
  12. tehnikumapuika

    tehnikumapuika Senior Member

    Joined:
    Jan 22, 2013
    Messages:
    846
    Likes Received:
    408
    I'm not sure why would you care about the interface. If the app is really functional, everything is easy to understand, it has even an Android app, it does not have online service so it means your passwords are not online. And it's free.
     
  13. Sheepp

    Sheepp Jr. VIP Jr. VIP

    Joined:
    Jan 15, 2018
    Messages:
    247
    Likes Received:
    182
    Gender:
    Male
    Occupation:
    Finding time for business
    Home Page:
    KeePass database on external hard drive hidden VeraCrypt partition.
    But hey I'm in computer security so you maybe shouldn't go this far if you don't know what you're doing
     
    • Thanks Thanks x 1
  14. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,876
    Likes Received:
    12,649
    Occupation:
    Potentate
    Location:
    Asuncion
    KeePass with password + key file combination for unlocking. The database and key are backed up on a zero-knowledge cloud host and the password is on my mind.
     
  15. ShiningWarrior

    ShiningWarrior Regular Member

    Joined:
    Mar 17, 2018
    Messages:
    422
    Likes Received:
    122
    Gender:
    Male
    Occupation:
    Online Hustler
    Location:
    World Wide Web
    If it is open source and not online, how do the passwords auto-sync every time to its database when we sign up for a new thing as well as how does it sync with your phone automatically if it doesn't have online feature?
     
  16. Gogol

    Gogol Jr. VIP Jr. VIP

    Joined:
    Sep 10, 2010
    Messages:
    3,870
    Likes Received:
    3,385
    Gender:
    Male
    Occupation:
    Dreaming
    Location:
    Pale Blue Dot
    Home Page:
    The best one IMO would be to have a separate external SSD ( the 256gigs are pretty cheap) and keeping your passwords over there with some kind of one way encryption (bitlocker can do the job if you are on windows).
     
  17. underachieved

    underachieved Power Member

    Joined:
    Aug 24, 2010
    Messages:
    675
    Likes Received:
    218
    Occupation:
    IM
    Location:
    Instagram TOS Department

    Any data that is carried with my in a external drive is in one of these.
    https://www.cdw.com/product/Lenovo-...kwcid=AL!4223!3!198553132203!!!g!112296696529!

    Physical security as well as software
     
  18. Gogol

    Gogol Jr. VIP Jr. VIP

    Joined:
    Sep 10, 2010
    Messages:
    3,870
    Likes Received:
    3,385
    Gender:
    Male
    Occupation:
    Dreaming
    Location:
    Pale Blue Dot
    Home Page:
  19. tehnikumapuika

    tehnikumapuika Senior Member

    Joined:
    Jan 22, 2013
    Messages:
    846
    Likes Received:
    408
    It does not sync anything. You just put your kdbx file in the phone lol. Also it does not auto-sync your passwords. That's the best thing about this app.
     
  20. ShiningWarrior

    ShiningWarrior Regular Member

    Joined:
    Mar 17, 2018
    Messages:
    422
    Likes Received:
    122
    Gender:
    Male
    Occupation:
    Online Hustler
    Location:
    World Wide Web
    Based on that mate, why does everyone looks for a cute good looking GF or a wife when they know that every girl has pu##y?
    It's like human behavior always going for good looking things xD
    Does not auto-sync and thats the best thing? :eek: :p