Password managers

[Flashheart]

What with all the various online accounts I have, I'm struggling to remember passwords. I was thinking of using a password manager, has anybody here used one? Are they safe?

[Sippo]

Lastpass. 100%.

[Samdy Gray]

Used Keepass for a bit because it's open source and generally regarded as being very safe. The browser integration isn't great so I moved to 1Password when I got a good deal on a 1-year license.

I've since switched to Bitwarden. Very similar to 1Password but again it's open source and also free (unless you want to pay for a premium version). It's missing some features I liked from 1Password, but overall it does the job well.

[Flashheart]

Cheers gents.

[Nemo]

I use Lastpass, although ironically enough I've forgotten my master password. Good bit of kit though, generates secure passwords for you as well which is helpful when you just can't be arsed to think of another one.

[Wobbly Bob]

I bung all of mine into a txt file and they are all pretty much the same.

Not best practice and didn't know that there are utilities that can manage this.

So will look into these. Thank you.

Data manager by trade as well.
Head em up and move em on. 

[Chubbs]

I bung all of mine into a txt file and they are all pretty much the same.

Not best practice and didn't know that there are utilities that can manage this.

So will look into these. Thank you.

Data manager by trade as well.
Head em up and move em on. 

I think it comes with the territory that most IT professionals have really bad password practice.

I use pretty much the same password for everything, with some variation depending on password complexity and those that expire after a set about of time, I just increment the number by 1 each time.

[Wobbly Bob]

I think it comes with the territory that most IT professionals have really bad password practice.

I use pretty much the same password for everything, with some variation depending on password complexity and those that expire after a set about of time, I just increment the number by 1 each time.

Agree with that and much the same with incremental numbers.
Gone are the days of rolling up to a customer site and being handed the admin password on a bit of paper and then left to get on with it.

Surprised more websites don't send a passcode to mobile phones as an extra level of authentication.

Did some work for a marine engineering company once and the IT manager had stopped a Chinese hacker who was begging to be let onto the system otherwise they would lose their "job"!

Cyber security. Big business and very lucrative for any contractors who know what they are doing.

[AldbourneRed]

Also agree with Lastpass - I work in cyber security and we use the enterprise version at work, but the free version does everything most people will need.

If you can be bothered to read about it they publish a lot of information online about how their encryption works and why even they can't see your passwords (which is a bugger if you forget your master password)

Having to remember only 2 passwords (PC and Lastpass) and knowing that everything else is a very long string of random digits is very reassuring and very secure.

[jayohaitchenn]

Password Safe - https://pwsafe.org/

Originally designed by Bruce Schneier.

[Chubbs]

Anyone who works on a computer is more than likely "forced" to change their passwords every 30,40 or whatever days.

The below article is something i came across a while ago and basically asks the question "is changing your password on a frequent basis doing more harm than good"

https://www.ftc.gov/news-events/blogs/techftc/2016/03/time-rethink-mandatory-password-changes