|
|
Post by trailboss on Jun 20, 2021 12:02:36 GMT -5
In the past, I used Google Chrome and I am on top of keeping my security up to date, but I have gotten a pop up from Google that their site has been compromised and 65 passwords of mine are floating out there on the web. I always opt out of storing credit card info on sites where I make purchases. I immediately changed the passwords on banking, credit cards, 401k, stocks etc.....
But trying to remember all of the passwords on mine and my wife's phone, a PC, and laptop and being able to access the passwords when away from home can be a pain.
Some sites allow a user to adopt their strong password options that are fine and well if you do everything on one computer but would not allow me to access and account on another device. I realize that anything online is never 100% secure, but I am open to suggestions that would make it difficult for hackers to do their dirty work.
As for Google, I am done with them.
|
|
|
|
Post by toshtego on Jun 20, 2021 13:44:40 GMT -5
I create my own passwords and record them on a log sheet. This is carefully hidden from prying eyes. Since I am under government surveillance, as are most all rural residents, it will probably be discovered by NSA/FBI/ASPCA/ and Publisher's Clearinghouse Agents when they search my house while I am in town.
|
|
|
|
Post by simnettpratt on Jun 20, 2021 17:34:58 GMT -5
You state your goal is to "make it difficult for hackers to do their dirty work", and you want access from different devices, and that remembering 65 different passwords is a pain.
Password managers are specifically designed to handle this but, as with google, all your keys are in one box.
Keeper Unlimited at keepersecurity.com gets some good reviews. It's $21 billed annually, with unlimited passwords and devices.
|
|
|
|
Post by trailboss on Jun 20, 2021 17:40:45 GMT -5
Thanks, I will check it out!
|
|
BrunoT
Junior Member
Looking forward to the next bowl
Posts: 294 
First Name: Bruno
Favorite Pipe: Ser Jacopos, Canadians, Dunhill
Favorite Tobacco: My Own Blend Everest
Location:
|
Post by BrunoT on Jun 20, 2021 18:27:07 GMT -5
I find it highly improbable that your compromised passwords have anything to do with a data breach at Google or the password manager in Chrome (unless somebody broke into your Google account or device). AFAIK, that's only a security feature where they notify you they detected you're using an email/password combo that is already known to be out in circulation (so even on sites that were not breached but, theoretically, if somebody would try the "known" combination they can get in since you're using the same password; note that this doesn't mean somebody actually logged in). I could be wrong of course, but anything of Google magnitude, I think I'd hear about. If that's your only motivation, I wouldn't bother switching the manager, just change the passwords. While the browser password manager is arguably only okay compared to full blown software, if you secure your account/device properly and use two-factor authentication there's little to worry about. Of course, if you're worried about the scenario where somebody takes over your computer/phone and waltzes right into Chrome, that's different story. I can recommend LastPass for ease of use or Keeper if you need something more robust and cross-platform. FYI, have i been pwned is a site that can give you a general overview of some of the breaches your email or phone number could have been involved in. |
|
|
|
Post by trailboss on Jun 20, 2021 18:36:35 GMT -5
Thank you Bruno!
I appreciate your insight.
|
|
|
|
Post by Professor S. on Jun 20, 2021 19:04:51 GMT -5
|
|
|
|
Post by Ronv69 on Jun 20, 2021 20:47:57 GMT -5
I keep mine in a password protected spreadsheet, but I have tried everything. The reason I had to retire was that I couldn't remember the dozen or so passwords that I used several times every day.
|
|
|
|
Post by simnettpratt on Jun 21, 2021 7:10:06 GMT -5
You can try the algorithm method. Have a regular password, but in the middle make an algorithm from the site you're accessing. For example, to log on to google, change the first letter to the next letter in the alphabet, so hoogle, then put the number of the letter you changed at the end. G is the seventh letter, so hoogle7, then capitalize it to Hoogle7. Put the first half of your password in front, then Hoogle7, then the second half. The middle bit for yahoo would be Zahoo25. For this site, maybe Criarpatch2. The idea is if you forget your password, you can figure it out. I had a lawyer once, who was one of the partners at his firm and probably won some cases, use the password 111111. Then he had it written on a post-it and stuck to his monitor.  |
|
|
|
Post by papipeguy on Jun 21, 2021 9:46:50 GMT -5
I keep a note book with my passwords. I would also recommend using duckduckgo as a search engine. Very secure and they don't share your searches.
|
|
|
|
Post by sperrytops on Jun 21, 2021 10:33:54 GMT -5
I keep mine in a password protected spreadsheet like Ronv. Google is a separate thing, though Google does tell you if any of your passwords appear compromised on the web. I just change the passwords. I use Norton for security and it will notify you if any of your passwords appear on compromised sites. Then I just change the passwords again. As for financial institutions, I periodically change those passwords anyway.
|
|
|
|
Post by Legend Lover on Jun 21, 2021 10:49:00 GMT -5
You can try the algorithm method. Have a regular password, but in the middle make an algorithm from the site you're accessing. For example, to log on to google, change the first letter to the next letter in the alphabet, so hoogle, then put the number of the letter you changed at the end. G is the seventh letter, so hoogle7, then capitalize it to Hoogle7. Put the first half of your password in front, then Hoogle7, then the second half. The middle bit for yahoo would be Zahoo25. For this site, maybe Criarpatch2. The idea is if you forget your password, you can figure it out. I had a lawyer once, who was one of the partners at his firm and probably won some cases, use the password 111111. Then he had it written on a post-it and stuck to his monitor. My method is similar but probably less secure.... I have one password for everything, but I use an acrostic (I think) that helps me... So for example, lets say my password was TheBriarPatch. I'd add a number to that so there's a number and a special character to tick that box. Let's say 13 and ? I then make up a sentence... My Super Secure Password Is TheBriarPatch13? I take the first letters of that sentence to make the password and capitalise some (I've done it already with TheBriarPatch)... msspiTheBriarPatch13? Then for each entity I add it to the sentence... My Google Super Secure Password Is TheBriarPatch13? So the password becomes... mGsspiTheBriarPatch13? Then for my bank it would be... My Nationwide Super Secure Password is TheBriarPatch13? And so on... Like I said, maybe not totally secure, but I know what all my passwords are, but they're all different. |
|
|
|
Post by trailboss on Jun 21, 2021 12:55:08 GMT -5
Great advice one and all, thanks for posting.
|
|
|
|
Post by simnettpratt on Jun 21, 2021 13:51:07 GMT -5
One way techs are taught to keep people working for the same company from sharing their passwords is to assign them an acrostic that is so vulgar, obscene or racist they don't want to tell other folk what it stands for. Never did that myself, not would I, but kinda funny.
I asked a big burly guy at a trucking company for his password another tech had assigned him once - it was fruit7cup. I started laughing and asked if he'd like me to change it.
Yes I would!
Told him sorry, computer geeks aren't known for their social skills. Made it something about beer and he was much happier.
|
|
flatwatermonte
New Member
Posts: 46
First Name: Trevor
Favorite Pipe: Whichever one is in my mouth
Favorite Tobacco: McC Dark Star
Location:
|
Post by flatwatermonte on Jun 21, 2021 20:54:55 GMT -5
I changed all my passwords to incorrect. Now I don't have to remember them, everything I try to log into tells me what my password is! 😂😂
|
|
|
|
Post by Ronv69 on Jun 21, 2021 21:06:58 GMT -5
When we had people who mismanaged their passwords we set them to be changed every 3 days until they learned their lesson.
|
|
|
|
Post by urbino on Jun 22, 2021 1:19:36 GMT -5
I've been using LastPass for many years, and have no complaints. They even have a plugin for Opera. I also got a pair of YubiKey devices to use with it for MFA.
|
|
|
|
Post by Legend Lover on Jun 22, 2021 2:55:37 GMT -5
I changed all my passwords to incorrect. Now I don't have to remember them, everything I try to log into tells me what my password is! 😂😂 Excellent! |
|
exbenedict
Full Member
Posts: 975
Favorite Pipe: This one
Favorite Tobacco: That one
Location:
|
Post by exbenedict on Jun 23, 2021 17:44:04 GMT -5
In the past, I used Google Chrome and I am on top of keeping my security up to date, but I have gotten a pop up from Google that their site has been compromised and 65 passwords of mine are floating out there on the web. I always opt out of storing credit card info on sites where I make purchases. I immediately changed the passwords on banking, credit cards, 401k, stocks etc..... But trying to remember all of the passwords on mine and my wife's phone, a PC, and laptop and being able to access the passwords when away from home can be a pain. Some sites allow a user to adopt their strong password options that are fine and well if you do everything on one computer but would not allow me to access and account on another device. I realize that anything online is never 100% secure, but I am open to suggestions that would make it difficult for hackers to do their dirty work. As for Google, I am done with them. 1Password. It's a subscription service but its the best $4 a month I've spent. Works and syncs across phones, computers, tablets, and laptops. Store logins, passwords, and credit cards with ease and no worries. |
|
