Author Topic: On using password managers (Read 1280 times)

Xairbusdriver · « **on:** November 22, 2013, 02:04:35 PM »

NOT?!

You probably have a couple of sites, usually banking or investment, that require you to answer several 'personal' questions. Things like where you were born, favorite teacher, best friend, first pet's name, etc. (Too) Many sites use exactly the same, generic questions. That means when (not if) they get hacked, your info may be compromised at other sites. Just like using the same password is silly (or worse!), using the same answers to the same question is not very smart (or worse)!

But, you say, "I have a hard enough time remembering my first pet's name without trying to remember one's I make up!" Agreed, but that's the big advantage of a password manager.

A good password manager will allow you to generate random text entries for any field you need to fill in at a site. Hopefully, you're already using these types of generated passwords, if not, welcome to the 21st Century!

But why put actual, usable, personal information anywhere you don't have to?

Since you're using a good password manager, you can put any text the site will accept as an answer and never worry about remembering it, that's why you have the password manager.

It may be time we stop calling these apps "password" managers! A good one will do a whole lot more than manage passwords!

Of course, you probably need to be truthful when communicating with the IRS and other government entities.

OTOH, you don't have to worry about the NSA, they already have all your personal info!

Bruce_F · « **Reply #1 on:** November 23, 2013, 07:08:56 PM »

I'm with you… password managers are an essential part of life these days.

I have a beef about some sites and the password configurations they "require". Some will say something to the affect, "Passwords cannot be no more than 8 characters."

What's the point of having a good password generator like the one built into 1Password if you're not allowed to generate a string as long as you want?

kimmer · « **Reply #2 on:** November 23, 2013, 09:36:19 PM »

How about the sites that use a window to log on that defies the use of any password manager. Our local paper requires me to manually enter my user name and password. Might be a flash based log in? At least I can open 1Password and copy/paste into the fields.

http://www.newportnewstimes.com/v2_main_page.php

Xairbusdriver · « **Reply #3 on:** November 24, 2013, 03:00:39 PM »

When you paste in the data and press the 'submit' or whatever the button may be called, does 1PW ask if you want to update the changes?

kimmer · « **Reply #4 on:** November 24, 2013, 03:09:35 PM »

QUOTE(Xairbusdriver @ Nov 24 2013, 01:00 PM) <{POST_SNAPBACK}>

When you paste in the data and press the 'submit' or whatever the button may be called, does 1PW ask if you want to update the changes?

No. If I use 1PW as I normally would, it enters my user name in the google search box that is farther down the page. Otherwise, 1PW is silent.

I'm pretty sure the login is flash driven.

Xairbusdriver · « **Reply #5 on:** November 24, 2013, 03:16:58 PM »

You could also (write down the info!) delete the entry in 1PW and log in again. 1PW should ask if you want to Save the info. Doing that could also help Agile as it will record the title/name of the fields the site is using for the user name/ID and password. You can also look at the html and see if it's using javascript or Flash and probably see the title/name of the field. OTHO, it may be obfuscated by the script that sends that info back to the banks servers. You could then forward the info and site url to Agile. They might have an answer or a solution.

I find turning Auto Submit OFF helps in certain sites, also.

News:

Author Topic: On using password managers (Read 1280 times)