Like Tree30Likes

How do you handle many login/password/smartphone/email/website accounts etc?

Closed Thread
Page 4 of 4 FirstFirst 1 2 3 4
  1. #31

    Join Date
    Dec 2011
    Location
    Tsim Sha Tsui
    Posts
    3,963
    Quote Originally Posted by bdw:
    I use an android app called "pocket" which uses 256 bit AES encryption. So I have one master password that unlocks all the others. The pocket database is kept in sync with my phone, PC, laptop, tablet using dropbox, meaning I can access and update it from anywhere and it automatically updates on all my other devices. If I lose any of my devices I have not lost the database.

    The encryption means that even if you get hold of the database (by stealing my phone or hacking into my dropbox account online), you cant do anything with it unless you know the master password. To hack 256 bit AES will take far longer than the age of the universe to complete. Even a brute force attack is useless unless it is carried out by the original owner of the file and provided they can remember a few of the characters, whether they were upper or lower case, how long the password was, etc. Without knowing a few clues like this, its impossible to crack. Thats the theory anyway. Unless your master password is something like '12345' like those dorks from spaceballs.

    All well and good, but what if you can't recall the master password?

  2. #32

    Thanks for the discussion.

    I'll give these P@ssw0rd R3m1nd3r5 a go.
    Typically I only use the one PC for most stuff - hopefully the disk won't crash.

    Note to self - take a backup.


  3. #33

    Join Date
    Oct 2006
    Location
    Hong Kong
    Posts
    15,557
    MovingIn07, zerocred, jgl and 1 others like this.

  4. #34

    Join Date
    Aug 2006
    Posts
    11,884

    Another vote for the password manager approach. My IT friends generally use Keepass or Password Safe- free and easy to use.

    We store our password databases somewhere on the cloud (Amazon S3/Jungledisk, Dropbox, Sugarsync) so the databases are updated and accessible from multiple trusted computers (work, personal laptop, home). I also keep my database on a USB stick on my keyring in case I really need to access it from somewhere in an emergency. Some of these packages will allow for boot-to-USB so you can boot into a known safe OS instead of using hotel/internet cafe computer which probably has all sorts of dodgy crap loaded onto its hard drive.

    The good thing about cloud storage for the password database is that you get automatic backups and the ability to roll back to previous versions if you corrupt the file. You can also backup simply by mailing the database to yourself occasionally.

    Regarding the issue of forgetting the master password... well, you'd have to be a bit thick to do that as 1) you only have one password to remember instead of twenty and 2) it's a bloody important one so it should be strong and easy to remember (see Pin's cartoon). Or as a last resort, you store the master on paper, in a safe.

    Last edited by jgl; 01-02-2012 at 11:30 AM.

Closed Thread
Page 4 of 4 FirstFirst 1 2 3 4