Author Topic: One password for everything  (Read 14804 times)

Offline avromie7

  • Dansdeals Lifetime Presidential Platinum Elite
  • *********
  • Join Date: Feb 2014
  • Posts: 6444
  • Total likes: 1052
  • DansDeals.com Hat Tips 6
    • View Profile
  • Location: Lakewood
Re: One password for everything
« Reply #15 on: January 08, 2015, 12:29:43 AM »
    +1 me too. cant get hacked deleted etc.
Can easily get lost under some papers
I wonder what people who type "u" instead of "you" do with all their free time.

Offline Super Speed

  • Dansdeals Lifetime Presidential Platinum Elite
  • *********
  • Join Date: Jul 2013
  • Posts: 5138
  • Total likes: 44
  • DansDeals.com Hat Tips 4
  • Gender: Male
    • View Profile
  • Programs: SPG Gold, Hilton Gold, Hyatt Platinum, Marriott Gold, Hertz Presidents Circle, Avis First, National Executive Elite, Sixt Platinum.
Re: One password for everything
« Reply #16 on: January 08, 2015, 12:40:45 AM »
I use one password for everything...

Offline ckmk47

  • Dansdeals Lifetime Presidential Platinum Elite
  • *********
  • Join Date: Aug 2012
  • Posts: 6697
  • Total likes: 339
  • DansDeals.com Hat Tips 3
  • Gender: Female
    • View Profile
  • Location: brooklyn
Re: One password for everything
« Reply #17 on: January 08, 2015, 02:12:10 AM »
I use one password for everything...
Do you mean your Staples account has the same password as your Ink card?
Not really safe. If one weak website gets hacked, everything is in danger.


And for the record, I keep my password manager in a relatively uncluttered spot.  I hardly ever lose it. :)

Offline dudi

  • Dansdeals Lifetime Platinum Elite
  • *******
  • Join Date: Nov 2013
  • Posts: 1618
  • Total likes: 4
  • DansDeals.com Hat Tips 10
    • View Profile
  • Programs: Star Alliance Gold, Skyteam Elite Plus
Re: One password for everything
« Reply #18 on: January 08, 2015, 08:18:33 AM »
How do you guys know who is behind these programs I don't get it. Its the easiest way to get all your passwords without working for a second you may just be paying them to have all your passwords

Offline yesitsme

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Dec 2014
  • Posts: 3200
  • Total likes: 958
  • DansDeals.com Hat Tips 4
  • Gender: Male
    • View Profile
Re: One password for everything
« Reply #19 on: January 08, 2015, 08:21:51 AM »
I use one password for everything...

thanx for telling me you're my next fish 8)

Offline an613

  • Dansdeals Platinum Elite
  • ****
  • Join Date: Apr 2010
  • Posts: 324
  • Total likes: 1
  • DansDeals.com Hat Tips 1
    • View Profile
Re: One password for everything
« Reply #20 on: January 08, 2015, 09:52:00 AM »

How do you guys know who is behind these programs I don't get it. Its the easiest way to get all your passwords without working for a second you may just be paying them to have all your passwords

That's the part that makes me scared of using lastpass and others like it that store them online- it's a single point of failure and too large of a target for hackers. It's not a question of if they're going to get hacked, it's a question of when. No one is secure enough to keep out hackers who are determined.

1password and keepass keep the passwords locally on your computer so much less of a risk. Granted there is still a risk someone will hack your computer but the benefit of having strong unique passwords for my accounts makes it worth it.

Offline AnonymousUser

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Feb 2013
  • Posts: 3015
  • Total likes: 5
  • DansDeals.com Hat Tips 0
    • View Profile
Re: One password for everything
« Reply #21 on: January 08, 2015, 10:34:23 AM »
That's the part that makes me scared of using lastpass and others like it that store them online- it's a single point of failure and too large of a target for hackers. It's not a question of if they're going to get hacked, it's a question of when. No one is secure enough to keep out hackers who are determined.

1password and keepass keep the passwords locally on your computer so much less of a risk. Granted there is still a risk someone will hack your computer but the benefit of having strong unique passwords for my accounts makes it worth it.
I don't know for sure, but I assume that the passwords are stored online in an encrypted form. They probably don't even have the decryption key; it can only be unlocked by your master password.

Offline Yaalili

  • Dansdeals Lifetime 10K Presidential Platinum Elite
  • *******
  • Join Date: Jul 2009
  • Posts: 12163
  • Total likes: 252
  • DansDeals.com Hat Tips 151
  • Gender: Male
    • View Profile
  • Location: Crown Heights, NY
  • Programs: Caesars Diamond, Hilton Diamond, Hyatt Explorist, IHG Spire, Marriott Silver, Radisson Gold, Southwest Companion Pass, Wyndham Diamond, DansDeals Lifetime 10K Presidential Platinum Elite.
Re: One password for everything
« Reply #22 on: January 08, 2015, 10:41:32 AM »
Do you mean your Staples account has the same password as your Ink card?
Not really safe. If one weak website gets hacked, everything is in danger.

+1. And different websites have different requirements, letters, numbers, how many, caps, symbols etc..

Offline etech0

  • Dansdeals Lifetime 10K Presidential Platinum Elite
  • *******
  • Join Date: Dec 2013
  • Posts: 11945
  • Total likes: 1974
  • DansDeals.com Hat Tips 1
    • View Profile
  • Location: not lakewood
  • Programs: DDF
Re: One password for everything
« Reply #23 on: January 08, 2015, 10:45:22 AM »
    +1 me too. cant get hacked deleted etc.
Can get stolen or destroyed though
Workflowy. You won't know what you're missing until you try it.

Offline srap

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Dec 2013
  • Posts: 2637
  • Total likes: 108
  • DansDeals.com Hat Tips 4
    • View Profile
Re: One password for everything
« Reply #24 on: January 08, 2015, 10:57:56 AM »
I have a low tech version.  It's not portable, so it only works on my home PC.
http://www.staples.com/Staples-Perforated-Notepad-Narrow-Ruled-White-5-x-8-12-Pack/product_163873
;D You are a riot!!

I don't trust any online entity (surprise) nor myself to keep @ckmk47's low tech version safe.  I have one 'password' for everything, but my password is a pattern.  I correctly reinvent each of my hundreds of passwords each time I use them.  Your pattern can be simple (not smart) or quite sophisticated with multiple parts.

Offline an613

  • Dansdeals Platinum Elite
  • ****
  • Join Date: Apr 2010
  • Posts: 324
  • Total likes: 1
  • DansDeals.com Hat Tips 1
    • View Profile
Re: One password for everything
« Reply #25 on: January 08, 2015, 11:11:22 AM »

I don't know for sure, but I assume that the passwords are stored online in an encrypted form. They probably don't even have the decryption key; it can only be unlocked by your master password.

Yep they probably are but because everything has to communicate with their servers, it introduces lots of new vectors to be attacked that just don't exist if everything is Iocal. E.g, http://siliconangle.com/blog/2014/07/14/password-managers-hacked-researchers-find-critical-vulnerabilities/

Don't get me wrong, it's million times better than nothing or using same password everywhere but still more vulnerable than then the local ones

Offline an613

  • Dansdeals Platinum Elite
  • ****
  • Join Date: Apr 2010
  • Posts: 324
  • Total likes: 1
  • DansDeals.com Hat Tips 1
    • View Profile
Re: One password for everything
« Reply #26 on: January 08, 2015, 11:21:01 AM »

I don't trust any online entity

+1. I don't use mint for this reason

Offline yesitsme

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Dec 2014
  • Posts: 3200
  • Total likes: 958
  • DansDeals.com Hat Tips 4
  • Gender: Male
    • View Profile
Re: One password for everything
« Reply #27 on: January 08, 2015, 11:59:59 AM »
How do you guys know who is behind these programs I don't get it. Its the easiest way to get all your passwords without working for a second you may just be paying them to have all your passwords

no one is immune no one is safe you have to choose the safest option you have there are [3] basic option
  • to  store all passwords in one central encrypted database, risk once they decrypt it they have everything
  • have the same 2-3 passwords for everything, risk they get you once they got everything EX: dansdeals.com doesn't have ssl etc
  • not central + different passwords for everything, risk very low but probebly have a hard time to remember each & every password

if they hack your computer to get your password from last pass they can the same @ chase.com

Offline yesitsme

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Dec 2014
  • Posts: 3200
  • Total likes: 958
  • DansDeals.com Hat Tips 4
  • Gender: Male
    • View Profile
Re: One password for everything
« Reply #28 on: January 08, 2015, 12:08:51 PM »
TIP
if you ever get a email with a link to sign in dont click the link just enter it manually in the browser
Today my friends email was hacked i received the following:

Quote
Hello,

View the documents i have attached for you using Drop Box. Please let me know your opinion.

Click here to view http//dropbox .com/login/documents log on with your email for immediate access to view.

Regards,

the link was actually sending me to http://www .deltagroup .com .my/deltagroup/images/les/fox/dropbox/index .php

it looks just like dropbox when you submit the redirect you to dropbox.com after they got all your info (i spaced the link it shouldn't be accessible )

looks like the domain name is .com and deltagroup is the sub domain interesting
« Last Edit: January 08, 2015, 12:24:30 PM by yesitsme »

Offline AJK

  • Dansdeals Lifetime 20K Presidential Platinum Elite
  • ********
  • Join Date: Jun 2011
  • Posts: 25405
  • Total likes: 419
  • DansDeals.com Hat Tips 15
  • Gender: Male
    • View Profile
  • Programs: United Concierge Key; Delta Global Services; American Chairman; US Airways 1K; Hilton Sapphire; Hyatt Tritium; Marriott Californium; Starwood Kryptonium; Hertz Plutonium; National Adamantium, Avis Executive Proactanium
Re: One password for everything
« Reply #29 on: January 08, 2015, 12:16:53 PM »
Keepass. Free and open source.

+1

Use it daily, have the database stored in my gDrive and accessible from anywhere, home PC, work PC, and mobile. Stores password, CC info, etc. Encrypted with Advanced Encryption Standard, which became effective as a U.S. Federal government standard and is approved by the National Security Agency (NSA) for top secret information.

Am able to use password generator to generate passwords that comply with whatever the website requirements (like: x&7f45C#n) and not have to remember anything except a single, albeit very complicated, password.
« Last Edit: January 08, 2015, 12:20:40 PM by AJK »
2015: 116K bkd | 1.6M brnd | F: OZ,NH,AA,EK | J: UA,CA,TK,DL,TN,AF,VA | LIH,NRT,ROR,PEK,CNS,BOB,MEL,TLV & Pacific Hopper