Sign in to follow this  
Followers 0
MonGoWonGo

Most Secure Password Manager

8 posts in this topic

Hi,

I am looking for a secure password manager. I am currently using KeePass 2.17. I saw a Hak5 video about the copy to clipboard vulnerability. Does anyone know of any other types of vulnerability to the appliciation. Also, is there another password manager that is a better option than KeePass?

Thanks!

0

Share this post


Link to post
Share on other sites

Hi,

I am looking for a secure password manager. I am currently using KeePass 2.17. I saw a Hak5 video about the copy to clipboard vulnerability. Does anyone know of any other types of vulnerability to the appliciation. Also, is there another password manager that is a better option than KeePass?

Thanks!

Your brain.

Or get something that uses a good encryption algorithm on a smartphone/handheld. Just don't lose the device..... I found one for my phone, uses 256bit blowfish and wipes itself if so many bad passwords are entered... It can be adjusted to not wipe the database on bad logins, but that is the only known vuln... to guess the password. So I set that. Just backup the database (the backup IS encrypted, too).

0

Share this post


Link to post
Share on other sites

LastPass is a fairly talked about password manager. Steve Gibson from security now did a full review in one of his podcasts (Transcript link : Episode 256)

It works between multiple OSes and if very easy to use.

0

Share this post


Link to post
Share on other sites

LastPass is a fairly talked about password manager. Steve Gibson from security now did a full review in one of his podcasts (Transcript link : Episode 256)

It works between multiple OSes and if very easy to use.

I would not advise lastpass myself. Storing all your passwords in the cloud is trouble, no matter how encrypted (they claim) it is

0

Share this post


Link to post
Share on other sites

Thanks. Do you happen to remember the name of the app by any chance?

Hi,

I am looking for a secure password manager. I am currently using KeePass 2.17. I saw a Hak5 video about the copy to clipboard vulnerability. Does anyone know of any other types of vulnerability to the appliciation. Also, is there another password manager that is a better option than KeePass?

Thanks!

Your brain.

Or get something that uses a good encryption algorithm on a smartphone/handheld. Just don't lose the device..... I found one for my phone, uses 256bit blowfish and wipes itself if so many bad passwords are entered... It can be adjusted to not wipe the database on bad logins, but that is the only known vuln... to guess the password. So I set that. Just backup the database (the backup IS encrypted, too).

0

Share this post


Link to post
Share on other sites

I like the convenience of the cloud, but have security issues as well. For me, too much unknown.

LastPass is a fairly talked about password manager. Steve Gibson from security now did a full review in one of his podcasts (Transcript link : Episode 256)

It works between multiple OSes and if very easy to use.

I would not advise lastpass myself. Storing all your passwords in the cloud is trouble, no matter how encrypted (they claim) it is

0

Share this post


Link to post
Share on other sites

Thanks. Do you happen to remember the name of the app by any chance?

Hi,

I am looking for a secure password manager. I am currently using KeePass 2.17. I saw a Hak5 video about the copy to clipboard vulnerability. Does anyone know of any other types of vulnerability to the appliciation. Also, is there another password manager that is a better option than KeePass?

Thanks!

Your brain.

Or get something that uses a good encryption algorithm on a smartphone/handheld. Just don't lose the device..... I found one for my phone, uses 256bit blowfish and wipes itself if so many bad passwords are entered... It can be adjusted to not wipe the database on bad logins, but that is the only known vuln... to guess the password. So I set that. Just backup the database (the backup IS encrypted, too).

The name is mSecure. It was one of the pricier passwd management apps in the App CapStore. I think in the $4.99 - $9.99 range. It's available on driod as well.

0

Share this post


Link to post
Share on other sites

Really, just come up with good passwords and remember them. If you absolutely need a very secure password for something, chances are it can be set up to use a SecureID card in addition to your password.

To beat a dictionary attack, try this:

1. Pick an obscure name.

ex: Svald Cjelli

2. Bastardize it.

ex: SvCjell

3. Make it feel special.

ex: 4SvCjell2

Those of you familiar with Douglass Adams novels might be able to see where some of this came from, but it really doesn't make your job a lot easier. This is impervious to dictionary attacks, it's 9 characters long which is decent enough. (You can always make two such passwords and concatenate them.) It's only impervious to a human attacking it if you do the steps properly! The name must be obscure. You must bastardize it properly. You must make it special. On the whole it works marvelously, and it's much easier than remembering random jibberish (though it might look like that to someone who doesn't know how you got there).

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0