How do you store your passwords?

[Mr Scratch]

Weird methods. Like a couple of other posters here, I keep them in my head. Safest place.

If you have less than 50 logins maybe. Are they all unique and reasonably strong?

 

[Idiosyncratic]

I'm looking at SpiderOak Encryptr. Good or bad?

 

[Igajim]

I use RoboForm - with 256 AES encryption and a master password that is 30 characters long...

 

[Mr Scratch]

I use RoboForm - with 256 AES encryption and a master password that is 30 characters long...

At the end of the day the passwords are exposed during login, that's probably the weakest point in the chain.

 

[Mr Scratch]

I'm looking at SpiderOak Encryptr. Good or bad?

I'm all for using password managers stored in the cloud, but if it's free you need to ask yourself where the money to pay for servers comes from. Just use something tried and tested like 1Password.

 

[Ho3n3r]

If I told you, I'd have to kill you.

 

[Idiosyncratic]

I'm all for using password managers stored in the cloud, but if it's free you need to ask yourself where the money to pay for servers comes from. Just use something tried and tested like 1Password.

Ok, but what solution would work in a file sharing context?
Also, I'm curious, what do businesses use? I mean, say you have 100 IT employees all of who need to have a way of accessing something. Where would they store such details?

 

[Mr Scratch]

Ok, but what solution would work in a file sharing context?
Also, I'm curious, what do businesses use? I mean, say you have 100 IT employees all of who need to have a way of accessing something. Where would they store such details?

For secure file sharing? The question of who your adversary is comes in. Are you protecting your personal information from the general public? Are you protecting "secrets" from your employer? Are you protecting projects from overly competitive colleagues? Are you protecting company secrets from competitors?

Each comes with their own threat model that you need to consider and prepare for. I have seen businesses use 1Password for Teams and it's worked quite well. When it comes to sensitive data, don't cheap out or you will get burnt.

 

[Nerfherder]

I use the same password with slight variations


*** when I create a test user at work and then have to give someone else access :/

 

[KikzAzz]

I use KeePass to store my passwords as well as any other confidential information.

 

[KikzAzz]

I use KeePass but the database is stored on OneDrive in the cloud. Best of both worlds. It is used and accessed locally, but can download the database on another platform and access my passwords if required.

 

[hawker]

In my head. Not too sure I'd trust a 3rd party service like LastPass.

 

[Idiosyncratic]

I use KeePass but the database is stored on OneDrive in the cloud. Best of both worlds. It is used and accessed locally, but can download the database on another platform and access my passwords if required.

Yeah, but mega.nz auto syncs and I have two PCs on at the same time on occasion. Have had issues syncing the database properly

 

[Slingshot]

You can store the portable version of Keepass as well as the database on Google Drive, and run it on any PC where your Google Drive syncs to. As a bonus, you can use the Keepass Android app to access the same database on Google drive on your Android phone.

 

[Ho3n3r]

In my head. Not too sure I'd trust a 3rd party service like LastPass.

Same. I don't feel comfortable with it at all, since hackers are aware that they will have a proverbial goldmine if they crack it. I assume it hasn't happened yet, but the day it does...

 

[Dan C]

KeePass

 

[Nyamandlovo]

Coded and hidden in a handwritten and roughly edited document amongst all my other notes.

 

[Vegeta]

Brain for important ones. Google sync for crap like forums and junk

 

[Idiosyncratic]

Brain for important ones. Google sync for crap like forums and junk

You think of us as crap?

 

[Fro]

For all the rubbish, I use the same password. It really helps when you have a Facebook or Gmail account just for the random sites. Only a few really important things of mine need different passwords.