Page 1 of 3 123 LastLast

  1. Join Date : Aug 2016
    Posts : 157
    Windows 10 64 bit, 1607
       02 Oct 2016 #1

    Storing passwords.


    I use Lastpass password manager but I was wondering if it is a good or bad idea to store your passwords locally or probably better on an external drive? I've read that storing them in Onedrive is not a good idea as they could easily be accessed by someone unwanted...

    Could you encrypt a backup of your passwords?
      My System SpecsSystem Spec

  2.    02 Oct 2016 #2

    I use Lastpass myself, they encrypt their data but like anything online there's an element of risk. Same could be argued for written down passwords, burgler enters house and finds your passwords and steals your computer. May be he wouldn't have considered stealing the computer until he saw the password book.

    OneDrive is not geared towards password storage.

    Lastpass has rescued me numerous times.
      My System SpecsSystem Spec

  3.    02 Oct 2016 #3

    Hi there

    Storing passwords anywhere carries an element of Risk -- if it's online you have the possibility of LOSS as well as Hacking.

    Actually - I know security people will hate this - but for HOME users a bit of LOW tech probably is the best here -- (I know most people under the age of about 27 will probably not have a clue what I am saying) Simply write them down on a piece of paper / notebook and store it in a safe place.

    If anybody does break in and steals the notebook - you'll have much more to worry about than lost passwords after a visit from "an uninvited guest".

    I just don't like the idea of sharing sensitive information with 3rd parties - however secure they say they are.

    I believe the only set of computers that have never been hacked from the Outside were IBM mainframes using their RACF (Resource Access Control Facility). Totally different from PC's etc and even current Network servers. !!!

    For people who might be interested :

    Resource Access Control Facility - Wikipedia, the free encyclopedia

    Cheers
    jimbo
      My System SpecsSystem Spec


  4. Join Date : Oct 2014
    Trnava
    Posts : 1,625
    Windows 10 Pro x64
       02 Oct 2016 #4

    Kol12 said: View Post
    I use Lastpass password manager but I was wondering if it is a good or bad idea to store your passwords locally or probably better on an external drive? I've read that storing them in Onedrive is not a good idea as they could easily be accessed by someone unwanted...

    Could you encrypt a backup of your passwords?
    You can encrypt anything as many times as you want and then store it anywhere.
    Lastpass backup should be already encrypted, but you can additionally use 7-zip.

    How to encrypt ZIP files securely using 7Zip

    I prefer to backup offline and use an offline password manager like KeePass, but that is a matter of choice.
      My System SpecsSystem Spec

  5.    02 Oct 2016 #5

    TairikuOkami said: View Post
    You can encrypt anything as many times as you want and then store it anywhere.
    Lastpass backup should be already encrypted, but you can additionally use 7-zip.

    How to encrypt ZIP files securely using 7Zip

    I prefer to backup offline and use an offline password manager like KeePass, but that is a matter of choice.
    Hi there

    using these sorts of ONLINE services misses the point. IMO as the previous poster says using OFFLINE methods is far more sensible. If you though use an electronic device you still have the problem if the device fails.

    Against the ONLINE stuff :

    1) presumably you STILL need a password to access this data --so what happens if you forget it.
    2) If the server is down and you need the data - then you are also HOSED -- no point saying these servers never go down --even the "Mighty Google" has had outages - and not so long ago either.
    3) Some of these servers can be seized by FBI or whatever if people store "dubious content" on them.
    4) Intelligence / Security agencies world wide can get access to this data "In the Interests of National Security" --catchall phrase in loads of jurisdictions but I don't think there are many Court cases explaining exctly what that is.
    5) Hack possibilty,.

    I might be an old Dinosaur but I think the Pen and Paper method trumps online services by MILES and also in the event of Local device failure you still can recover your passwords when you repair the device or install a new one.

    As for encryption -- a good idea but people usually forget that you STILL have to enter a password in Plaintext even if it is encrypted before access is granted to your service.

    Cheers
    jimbo
      My System SpecsSystem Spec


  6. Join Date : Jul 2016
    Posts : 223
    Windows 10
       02 Oct 2016 #6

    storing your passwords onto your notebook paper is much safer than software, and this is the fact.
      My System SpecsSystem Spec


  7. Join Date : Oct 2014
    Trnava
    Posts : 1,625
    Windows 10 Pro x64
       02 Oct 2016 #7

    jimbo45 said: View Post
    As for encryption -- a good idea but people usually forget that you STILL have to enter a password in Plaintext even if it is encrypted before access is granted to your service.
    That is a good about Keepass, it enters passwords randomly, so a keylogger would only catch characters, not the password. Opening Keepass can also by done on a secure desktop and it clears a clipboard after copy/paste.

    Two-Channel Auto-Type Obfuscation - KeePass
      My System SpecsSystem Spec

  8.    02 Oct 2016 #8

    TairikuOkami said: View Post
    That is a good about Keepass, it enters passwords randomly, so a keylogger would only catch characters, not the password. Opening Keepass can also by done on a secure desktop and it clears a clipboard after copy/paste.

    Two-Channel Auto-Type Obfuscation - KeePass
    Hi there

    you still IMO haven't understood the real problem.

    If a keylogger captures your Entry it can use that to enter into your account so you are hosed whatever the real / final encryption methods are used.

    What's the difference between me and anybody else replying to a Username / Password prompt -- you still have to enter these in Plaintext which is possible to capture by hackers --especially if you are mad enough to logon via Wifi --any even beginning Engineer knows about Data analysers -- any old school engineer can MAKE one of these for a few dollars - all it needs to do if you use Wifi is just capture the Wireless signal coming from your Wifi card --Router encryption occurs AFTER this - and of course plenty of cheap commercial products available too.

    It's not always HOW the data is stored - but your LOGON method -- and this stuff is ALWAYS at your keyboard entered in Plaintext.

    A decent way IMO far safer - nobody has come out with one yet --would be to have the encryption built in to THE KEYBOARD so although you enter PLAINTEXT any data transmission or keyloggers would get scrambled data. I haven't seen this type of device yet --

    Hi youngsters you could make serious money if you could build a decent security system built into a keyboard !!!.

    Cheers
    jimbo
      My System SpecsSystem Spec


  9. Join Date : Oct 2014
    Trnava
    Posts : 1,625
    Windows 10 Pro x64
       02 Oct 2016 #9

    jimbo45 said: View Post
    It's not always HOW the data is stored - but your LOGON method -- and this stuff is ALWAYS at your keyboard entered in Plaintext.
    As I said, Keepass does not enter the real password, so hackers would have to guess the real one.

    Lets say you have a password: "Password123", Keepass would enter it like this: "s2o3Pasrd1w".
      My System SpecsSystem Spec

  10.    02 Oct 2016 #10

    TairikuOkami said: View Post
    As I said, Keepass does not enter the real password, so hackers would have to guess the real one.

    Lets say you have a password: "Password123", Keepass would enter it like this: "s2o3Pasrd1w".
    And --if exactly the the same data that YOU entered was being captured what difference would it make. If I replicated your data entry exactly - Keys of the kingdom are opened.

    Cheers
    jimbo.
      My System SpecsSystem Spec


 
Page 1 of 3 123 LastLast


Similar Threads
Thread Forum
Microsoft’s Edge browser may be storing private browsing data
Read more: Microsoft's Edge browser may be storing private browsing data | The Verge
Windows 10 News
Getting started storing app data locally
Read more: Getting started storing app data locally | Building Apps for Windows
Windows 10 News
Storing images: error code 0x80070716 (1814)
I need help with the new configuration paths for storing images. Storage system images I conducted via the Control Panel-Backup and Recovery with the selection of the location for storing bit. copies of internal, specifically for this purpose a...
Performance & Maintenance
Groove Music not storing anything
I've been trying to get my music recognised in Groove Music. All of my music is stored in two directories on a NAS, I have the two defined to Groove, they appear to have carried forward from my Windows 7 install. They are defined as UNCs but I've...
Software and Apps
Which is best for running and storing my Web Sites Windows 7 or 10
Hi this is my first Post. For many years I've been running Windows XP and about 10 years ago bought a couple of copies of Windows 7 which up until very recently I have never used because of all sorts of stories about incompatibility with some...
General Support
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 19:27.
Find Us
Twitter Facebook Google+



Windows 10 Forums