9 Popular Password Manager Apps Found Leaking Your Secrets

Discussion in 'Chit Chat' started by CHEF-KOCH, Mar 3, 2017.

  1. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    4,077
    4,649
    150

    :laie: Yup. Perfect place for it. :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. JFKI

    JFKI MDL Expert

    Oct 25, 2015
    1,098
    373
    60
    Yeah. That works really well when you use 2 pieces of software regularly one which requires a change every 30 days and the other every 45 days. :rolleyes:
    And you HAVE to wait 16 months before you can reuse ANY password - and that is NOT counting the pre-boot disk encryption software password or the myriad of online lists which also require a password change every XX days... No two of which expire the same day.

    And I don't use a password manager... I use my mind. ;)
     
  3. CHEF-KOCH

    CHEF-KOCH MDL Expert

    Jan 7, 2008
    1,198
    1,188
    60
    Problems are still:
    • We use passwords instead of keys like sha
    • Some pages (especially banking pages) don't allow complex passwords
    • Pain in the ass to type in complex passwords manually so you are 'forced' to use apps e.g. on Mobile

    Imho feature would be a key, in case the unique key would be leaked you would know that exactly you are compromised and not all with xyz passwords. But this requires a 're-thinking' about entire password thing.
     
  4. lostpassword

    lostpassword MDL Member

    Nov 21, 2009
    223
    20
    10
    Some very interesting replies here. Nobody has commented on WINRAR. I often keep passwords in a "clue" form, even on a password protected Excel file. e.g statueofliberty clue could be goldfrancetall or yellowstone clue could be greatestplaceearth91 (91 first time I visited) I am not bothered about Security Agencies, as they are not Crooks, but hackers and thieves seem the biggest risk to me.
     
  5. bloodstone

    bloodstone MDL Novice

    Mar 5, 2017
    23
    1
    0
    as long as firefoxes passwordmanager doesn't openly send out its contents...
     
  6. Katzenfreund

    Katzenfreund MDL Expert

    Jul 15, 2016
    1,372
    820
    60
    It’s an axiom that nothing is safe on the internet, so if you’re saying that, it’s only reinvention of the wheel.

    But just because something is possible doesn’t mean you should worry or change your ways. For example, if you try to figure out the probability that a rare top hacker decides that your 128bit passwords are highly precious to him AND targets you AND manages to crack them…you might find that you’re equally likely to win the lottery.

    So, instead of worrying about your passwords being cracked, it’s better to think positive and buy instead a lottery ticket, put the winnings in a bank and…don’t make the account accessible thru the Internet, password or not…
    But then…the bank may go bust. [​IMG]
     
  7. JFKI

    JFKI MDL Expert

    Oct 25, 2015
    1,098
    373
    60
    What if I told you that your last remark has already happened but no one knows it yet ?

    Our currency is fiat and based on a promise by our government.
    Even if we were still on the gold standard there is a good chance we have NONE.

    But that is better left for another thread.
     
  8. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    4,077
    4,649
    150
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. TrancëJay

    TrancëJay MDL Novice

    Apr 10, 2015
    19
    3
    0
    Never used any of them
     
  10. CHEF-KOCH

    CHEF-KOCH MDL Expert

    Jan 7, 2008
    1,198
    1,188
    60
    Because winrar is not an password manager, the password mechanism is optional. And it stores the saved passwords in plain text so this is a no-go.