Australian Politics Forum - Password managers

Redmond Neck Gold Member Offline OzPolitic Posts: 20696 ACT Gender:	Re: Password managers Reply #15 - Sep 21^st, 2019 at 2:46pm I have been using Robform for years can link to all your devices. Very good in my opinion https://www.roboform.com/
Back to top	BAN ALL THESE ABO SITES RECOGNITIONS. ALL AUSTRALIA IS FOR ALL AUSTRALIANS! IP Logged

Setanta

Gold Member

Offline

\/ Peace man!

Posts: 15914
Northern NSW
Gender: male

Re: Password managers
Reply #16 - Sep 21^st, 2019 at 6:13pm

Sprintcyclist wrote on Sep 21^st, 2019 at 11:58am:

Setanta wrote on Sep 20^th, 2019 at 10:21pm:

I used to remember all my passwords and it was hard. I've decided to get over it and rely on a password manager. I searched around for one that generated random, long, unrememberable passwords and found Chrome did it with a flag set and with a google account saved them across devices . Now don't get het up. Hear me out.

You can turn on random PW generation in Chrome(chrome://flags ->Automatic password generation). It's a bit of a pain to change a site password. Log in, delete the saved data, change password, generate password, save password somewhere else, copy and paste, tell chrome to remove the password from that site(chrome://settings/privacy Auto-fill->passwords) then log out, log in again and paste the password you saved. It's easy for new sites as there is no need for that. Don't change a password until you have copied the new one somewhere. I just paste it into a new browser tab as a temp. Then log in and have chrome/chromium save the new data.

You can export these passwords to use in other browsers or password managers.

So, I don't need a memory anymore and all my passwords are so obscure I couldn't remember them all anyway.

Good idea. I have been considering that too.

The IT department at work had a seminar on it, they recommended 'Lastpass'.
They had done the research. I have not joined it yet but will.

https://www.lastpass.com/

https://www.lastpass.com/

I contemplated last pass but it's had a couple of security breaches/flaws.

edit: My son uses windows and swears by enpass. It stores credentials locally though so you need to have a way to share it's files between devices.

Back to top

« Last Edit: Sep 21^st, 2019 at 6:26pm by Setanta »

IP Logged

Sprintcyclist Gold Member Offline OzPolitic Posts: 39506 Gender:	Re: Password managers Reply #17 - Sep 21^st, 2019 at 6:23pm Setanta - using Chrome password manager, do you just have to log into your laptop, then their manager will 'offer' all the passwords to you ? As people get more passwords, the use of a manager becomes more sensible
Back to top	Modern Classic Right Wing IP Logged

Setanta

Gold Member

Offline

\/ Peace man!

Posts: 15914
Northern NSW
Gender: male

Re: Password managers
Reply #18 - Sep 21^st, 2019 at 6:28pm

Sprintcyclist wrote on Sep 21^st, 2019 at 6:23pm:

Setanta - using Chrome password manager, do you just have to log into your laptop, then their manager will 'offer' all the passwords to you ?

As people get more passwords, the use of a manager becomes more sensible

Yes. If you want to sync them between all devices you use, you need to log into your google account and have sync turned on. In fact it will just log you in unless you tell it to just fill which is what I do. You may not always want to log in.

Back to top

IP Logged

Setanta

Gold Member

Offline

\/ Peace man!

Posts: 15914
Northern NSW
Gender: male

Re: Password managers
Reply #19 - Sep 21^st, 2019 at 6:38pm

Sprintcyclist wrote on Sep 21^st, 2019 at 11:58am:

Setanta wrote on Sep 20^th, 2019 at 10:21pm:

I used to remember all my passwords and it was hard. I've decided to get over it and rely on a password manager. I searched around for one that generated random, long, unrememberable passwords and found Chrome did it with a flag set and with a google account saved them across devices . Now don't get het up. Hear me out.

You can turn on random PW generation in Chrome(chrome://flags ->Automatic password generation). It's a bit of a pain to change a site password. Log in, delete the saved data, change password, generate password, save password somewhere else, copy and paste, tell chrome to remove the password from that site(chrome://settings/privacy Auto-fill->passwords) then log out, log in again and paste the password you saved. It's easy for new sites as there is no need for that. Don't change a password until you have copied the new one somewhere. I just paste it into a new browser tab as a temp. Then log in and have chrome/chromium save the new data.

You can export these passwords to use in other browsers or password managers.

So, I don't need a memory anymore and all my passwords are so obscure I couldn't remember them all anyway.

Good idea. I have been considering that too.

The IT department at work had a seminar on it, they recommended 'Lastpass'.
They had done the research. I have not joined it yet but will.

https://www.lastpass.com/

https://www.lastpass.com/

More to my last post re lastpass. This was the last one but it was fixed quickly.
https://www.bleepingcomputer.com/news/security/password-revealing-bug-quickly-fi...

Back to top

IP Logged

Sprintcyclist

Gold Member

Offline

OzPolitic

Posts: 39506
Gender: male

Re: Password managers
Reply #20 - Sep 21^st, 2019 at 7:46pm

Setanta wrote on Sep 21^st, 2019 at 6:28pm:

Sprintcyclist wrote on Sep 21^st, 2019 at 6:23pm:

Setanta - using Chrome password manager, do you just have to log into your laptop, then their manager will 'offer' all the passwords to you ?

As people get more passwords, the use of a manager becomes more sensible

Yes. If you want to sync them between all devices you use, you need to log into your google account and have sync turned on. In fact it will just log you in unless you tell it to just fill which is what I do. You may not always want to log in.

I use chrome.
My forms are filled in automatically, which is good.
Will sign into google and see what I have set there.

Back to top

Modern Classic Right Wing

IP Logged

Dnarever

Gold Member

Offline

Australian Politics

Posts: 57150
Here
Gender: male

Re: Password managers
Reply #21 - Sep 21^st, 2019 at 7:52pm

Setanta wrote on Sep 20^th, 2019 at 11:36pm:

Bobby. wrote on Sep 20^th, 2019 at 10:38pm:

There is a rumor that since Win95 - a long time ago that Bill Gates was forced
to hand over the source code of all the Windows operating systems to the the NSA who then passed it on all around the world.

This means that a State actor can send you a fake Windows update
that includes a key logger that sends all your keystrokes
to the Govt. so that any password is recorded.
Also, any file can be read on your hard disk remotely
and sent out by a temporarily open port.

You have no privacy - and you haven't since 1995.

Windows is wide open to Govt. agencies & possible many criminal actors.

Ummmm. I don't do windows. I had win 3.0 on a pc I bought. Then 3.1 upgrade but everything was DOS then anyway. I moved to OS/2 then to Linux. I haven't done windows since 1993.

Edit: I know that looks elitist. I've supported win for years for work. I just don't use it personally and wouldn't.

I think you miss the point - You cannot use a operating system that the government does not have a backdoor to. Not using windows makes no difference.

I remember in Australia the reason the mobile phone introduction was delayed was because the government could not monitor it at the time.

Back to top

IP Logged

Setanta

Gold Member

Offline

\/ Peace man!

Posts: 15914
Northern NSW
Gender: male

Re: Password managers
Reply #22 - Sep 21^st, 2019 at 9:36pm

Dnarever wrote on Sep 21^st, 2019 at 7:52pm:

Setanta wrote on Sep 20^th, 2019 at 11:36pm:

Bobby. wrote on Sep 20^th, 2019 at 10:38pm:

There is a rumor that since Win95 - a long time ago that Bill Gates was forced
to hand over the source code of all the Windows operating systems to the the NSA who then passed it on all around the world.

This means that a State actor can send you a fake Windows update
that includes a key logger that sends all your keystrokes
to the Govt. so that any password is recorded.
Also, any file can be read on your hard disk remotely
and sent out by a temporarily open port.

You have no privacy - and you haven't since 1995.

Windows is wide open to Govt. agencies & possible many criminal actors.

Ummmm. I don't do windows. I had win 3.0 on a pc I bought. Then 3.1 upgrade but everything was DOS then anyway. I moved to OS/2 then to Linux. I haven't done windows since 1993.

Edit: I know that looks elitist. I've supported win for years for work. I just don't use it personally and wouldn't.

I think you miss the point - You cannot use a operating system that the government does not have a backdoor to. Not using windows makes no difference.

I remember in Australia the reason the mobile phone introduction was delayed was because the government could not monitor it at the time.

Not sure I made any point like that and I don't agree with it anyway. Unless there are backdoors to every encryption method... It's why countries like the UK have key escrow laws. Be vigilant not paranoid.

Back to top

IP Logged

Bobby.

Gold Member

Offline

Australian Politics

Posts: 95255
Melbourne
Gender: male

Re: Password managers
Reply #23 - Sep 21^st, 2019 at 9:57pm

Setanta wrote on Sep 21^st, 2019 at 9:36pm:

Dnarever wrote on Sep 21^st, 2019 at 7:52pm:

Setanta wrote on Sep 20^th, 2019 at 11:36pm:

Bobby. wrote on Sep 20^th, 2019 at 10:38pm:

There is a rumor that since Win95 - a long time ago that Bill Gates was forced
to hand over the source code of all the Windows operating systems to the the NSA who then passed it on all around the world.

This means that a State actor can send you a fake Windows update
that includes a key logger that sends all your keystrokes
to the Govt. so that any password is recorded.
Also, any file can be read on your hard disk remotely
and sent out by a temporarily open port.

You have no privacy - and you haven't since 1995.

Windows is wide open to Govt. agencies & possible many criminal actors.

Ummmm. I don't do windows. I had win 3.0 on a pc I bought. Then 3.1 upgrade but everything was DOS then anyway. I moved to OS/2 then to Linux. I haven't done windows since 1993.

Edit: I know that looks elitist. I've supported win for years for work. I just don't use it personally and wouldn't.

I think you miss the point - You cannot use a operating system that the government does not have a backdoor to. Not using windows makes no difference.

I remember in Australia the reason the mobile phone introduction was delayed was because the government could not monitor it at the time.

Not sure I made any point like that and I don't agree with it anyway. Unless there are backdoors to every encryption method... It's why countries like the UK have key escrow laws. Be vigilant not paranoid.

Hi Set,
All the internet banking uses high level encryption.
What's to stop the security services such as ASIO or the NSA demanding the keys
and forcing the banks to hand them over and also
forcing the Banks to not tell us about it?

Well - I read at one time Snowden's comments, that it's exactly what happened.

Bill Gates was also forced to hand over all of Windows source code since 1995.

We don't have any real privacy.

Back to top

IP Logged

Setanta

Gold Member

Offline

\/ Peace man!

Posts: 15914
Northern NSW
Gender: male

Re: Password managers
Reply #24 - Sep 21^st, 2019 at 10:07pm

Bobby. wrote on Sep 21^st, 2019 at 9:57pm:

Setanta wrote on Sep 21^st, 2019 at 9:36pm:

Dnarever wrote on Sep 21^st, 2019 at 7:52pm:

Setanta wrote on Sep 20^th, 2019 at 11:36pm:

Bobby. wrote on Sep 20^th, 2019 at 10:38pm:

There is a rumor that since Win95 - a long time ago that Bill Gates was forced
to hand over the source code of all the Windows operating systems to the the NSA who then passed it on all around the world.

This means that a State actor can send you a fake Windows update
that includes a key logger that sends all your keystrokes
to the Govt. so that any password is recorded.
Also, any file can be read on your hard disk remotely
and sent out by a temporarily open port.

You have no privacy - and you haven't since 1995.

Windows is wide open to Govt. agencies & possible many criminal actors.

Ummmm. I don't do windows. I had win 3.0 on a pc I bought. Then 3.1 upgrade but everything was DOS then anyway. I moved to OS/2 then to Linux. I haven't done windows since 1993.

Edit: I know that looks elitist. I've supported win for years for work. I just don't use it personally and wouldn't.

I think you miss the point - You cannot use a operating system that the government does not have a backdoor to. Not using windows makes no difference.

I remember in Australia the reason the mobile phone introduction was delayed was because the government could not monitor it at the time.

Not sure I made any point like that and I don't agree with it anyway. Unless there are backdoors to every encryption method... It's why countries like the UK have key escrow laws. Be vigilant not paranoid.

Hi Set,
All the internet banking uses high level encryption.
What's to stop the security services such as ASIO or the NSA demanding the keys
and forcing the banks to hand them over and also
forcing the Banks to not tell us about it?

Well - I read at one time Snowden's comments, that it's exactly what happened.

Bill Gates was also forced to hand over all of Windows source code since 1995.

We don't have any real privacy.

If you consider it a fait accompli there is nothing more to be said. There is a reason people build encryption software. The source code is open. For your nightmare to be real everyone is in the govt's pocket. I know that is not the case. There was a time that encryption code was not allowed to be exported from the US. It was classed as a weapon I think but not all enc was made in the US. Times have changed. There is a reason Govts want to be able to muscle you for keys.

https://en.wikipedia.org/wiki/Brute-force_attack
See Theoretical limits.

Back to top

IP Logged

Bobby.

Gold Member

Offline

Australian Politics

Posts: 95255
Melbourne
Gender: male

Re: Password managers
Reply #25 - Sep 21^st, 2019 at 10:15pm

Setanta wrote on Sep 21^st, 2019 at 10:07pm:

If you consider it a fait accompli there is nothing more to be said. There is a reason people build encryption software. The source code is open. For your nightmare to be real everyone is in the govt's pocket. I know that is not the case. There was a time that encryption code was not allowed to be exported from the US. It was classed as a weapon I think but not all enc was made in the US. Times have changed. There is a reason Govts want to be able to muscle you for keys.

https://en.wikipedia.org/wiki/Brute-force_attack
See Theoretical limits.

Hi Set,
I know about encryption.
It would take much longer than the age of the universe to break some high level encryption.
That's why Govts. force institutions to hand over the keys for the prime
numbers that factor the key.
Snowden revealed it all.

Also - if there's a backdoor on any computer device -
they have access to the message before it's encrypted.

Quantum computers - if they ever build a large one - will be able to crack
prime number encryption with ease in only a few seconds.
I doubt that any such computer large enough has been made yet
but who's going to tell everyone if there is?

Back to top

IP Logged

Setanta

Gold Member

Offline

\/ Peace man!

Posts: 15914
Northern NSW
Gender: male

Re: Password managers
Reply #26 - Sep 21^st, 2019 at 10:33pm

Bobby. wrote on Sep 21^st, 2019 at 10:15pm:

Setanta wrote on Sep 21^st, 2019 at 10:07pm:

If you consider it a fait accompli there is nothing more to be said. There is a reason people build encryption software. The source code is open. For your nightmare to be real everyone is in the govt's pocket. I know that is not the case. There was a time that encryption code was not allowed to be exported from the US. It was classed as a weapon I think but not all enc was made in the US. Times have changed. There is a reason Govts want to be able to muscle you for keys.

https://en.wikipedia.org/wiki/Brute-force_attack
See Theoretical limits.

Hi Set,
I know about encryption.
It would take much longer than the age of the universe to break some high level encryption.
That's why Govts. force institutions to hand over the keys for the prime
numbers that factor the key.
Snowden revealed it all.

Also - if there's a backdoor on any computer device -
they have access to the message before it's encrypted.

Quantum computers - if they ever build a large one - will be able to crack
prime number encryption with ease in only a few seconds.
I doubt that any such computer large enough has been made yet
but who's going to tell everyone if there is?

Why worry then? People are creative beings. For every govt and it's resources there are thousands working in your favour. It's a war of intellect and many take up the challenge. Not my thing anymore but I've broken a few in days of yor. Who would have thunk I could break QEMM(Quarterdeck) encryption back in the day. I did, my hobby was breaking things like that. I have an old and fading book full of shyte like that. That was simple stuff, XOR with keys and not like today's encryption. As long as you can hold out against govt torture, your data is probably safe if you use opensource encryption.

I should take some pics of it even though I have no idea now what was scribbled then.

Edit: I do know, just that the memory addresses are meaningless now. It just looks like a bunch of hex and memory addresses.

Back to top

« Last Edit: Sep 21^st, 2019 at 11:06pm by Setanta »

IP Logged

Bobby.

Gold Member

Offline

Australian Politics

Posts: 95255
Melbourne
Gender: male

Re: Password managers
Reply #27 - Sep 21^st, 2019 at 11:13pm

Setanta wrote on Sep 21^st, 2019 at 10:33pm:

Why worry then? People are creative beings. For every govt and it's resources there are thousands working in your favour. It's a war of intellect and many take up the challenge. Not my thing anymore but I've broken a few in days of yor. Who would have thunk I could break QEMM(Quarterdeck) encryption back in the day. I did, my hobby was breaking things like that. I have an old and fading book full of shyte like that. That was simple stuff, XOR with keys and not like today's encryption. As long as you can hold out against govt torture, your data is probably safe if you use opensource encryption.

I should take some pics of it even though I have no idea now what was scribbled then.

Edit: I do know, just that the memory addresses are meaningless now. It just looks like a bunch of hex and memory addresses.

Hi Set,
I'm not worried,
I'm not doing anything wrong.
I just get annoyed at the lack of privacy.
Can't the Govt. be satisfied that they might not know everything?
It seems that we live in an Orwellian society.
Because there are some bad people then everyone must lose their privacy for the good of all. Huh

Back to top

IP Logged

Setanta

Gold Member

Offline

\/ Peace man!

Posts: 15914
Northern NSW
Gender: male

Re: Password managers
Reply #28 - Sep 21^st, 2019 at 11:15pm

Bobby. wrote on Sep 21^st, 2019 at 11:13pm:

Setanta wrote on Sep 21^st, 2019 at 10:33pm:

Why worry then? People are creative beings. For every govt and it's resources there are thousands working in your favour. It's a war of intellect and many take up the challenge. Not my thing anymore but I've broken a few in days of yor. Who would have thunk I could break QEMM(Quarterdeck) encryption back in the day. I did, my hobby was breaking things like that. I have an old and fading book full of shyte like that. That was simple stuff, XOR with keys and not like today's encryption. As long as you can hold out against govt torture, your data is probably safe if you use opensource encryption.

I should take some pics of it even though I have no idea now what was scribbled then.

Edit: I do know, just that the memory addresses are meaningless now. It just looks like a bunch of hex and memory addresses.

Hi Set,
I'm not worried,
I'm not doing anything wrong.
I just get annoyed at the lack of privacy.
Can't the Govt. be satisfied that they might not know everything?
It seems that we live in an Orwellian society.
Because there are some bad people then everyone must lose their privacy for the good of all. Huh

I'm not fond of the "think of the children" excuse. Fuck the children.

Back to top

IP Logged

Bobby.

Gold Member

Offline

Australian Politics

Posts: 95255
Melbourne
Gender: male

Re: Password managers
Reply #29 - Sep 21^st, 2019 at 11:20pm

Setanta wrote on Sep 21^st, 2019 at 11:15pm:

Bobby. wrote on Sep 21^st, 2019 at 11:13pm:

Setanta wrote on Sep 21^st, 2019 at 10:33pm:

Why worry then? People are creative beings. For every govt and it's resources there are thousands working in your favour. It's a war of intellect and many take up the challenge. Not my thing anymore but I've broken a few in days of yor. Who would have thunk I could break QEMM(Quarterdeck) encryption back in the day. I did, my hobby was breaking things like that. I have an old and fading book full of shyte like that. That was simple stuff, XOR with keys and not like today's encryption. As long as you can hold out against govt torture, your data is probably safe if you use opensource encryption.

I should take some pics of it even though I have no idea now what was scribbled then.

Edit: I do know, just that the memory addresses are meaningless now. It just looks like a bunch of hex and memory addresses.

Hi Set,
I'm not worried,
I'm not doing anything wrong.
I just get annoyed at the lack of privacy.
Can't the Govt. be satisfied that they might not know everything?
It seems that we live in an Orwellian society.
Because there are some bad people then everyone must lose their privacy for the good of all. Huh

I'm not fond of the "think of the children" excuse. Fuck the children.

LOLO - what about WhatsApp?
a supposed encrypted system that could not be broken:
https://www.thenewsminute.com/article/new-vulnerability-detected-whatsapp-allowi...

WhatsApp has been fighting with governments and law enforcement agencies that its messaging service is encrypted end-to-end and there is no way it can be intercepted or broken into. An Israeli cybersecurity firm has smashed this claim by demonstrating that not only can they intercept and decrypt a WhatsApp message but they can change the sender’s identity as well.

Back to top

IP Logged