I was going to mention Password Safe but see it was brought up already. I installed it on my Windows machine but really haven't tried using it. If it can, I will try to import my BitWarden info into it. Having a portable version of PS is the main reason I started looking at it, plus Bruce Schneier being involved with it.
-
Be sure to checkout “Tips & Tricks” Dear Guest Visitor → Once you register and log-in please checkout the “Tips & Tricks” page for some very handy tips!
/Steve. -
BootAble – FreeDOS boot testing freeware
To obtain direct, low-level access to a system's mass storage drives, SpinRite runs under a GRC-customized version of FreeDOS which has been modified to add compatibility with all file systems. In order to run SpinRite it must first be possible to boot FreeDOS.
GRC's “BootAble” freeware allows anyone to easily create BIOS-bootable media in order to workout and confirm the details of getting a machine to boot FreeDOS through a BIOS. Once the means of doing that has been determined, the media created by SpinRite can be booted and run in the same way.
The participants here, who have taken the time to share their knowledge and experience, their successes and some frustrations with booting their computers into FreeDOS, have created a valuable knowledgebase which will benefit everyone who follows.
You may click on the image to the right to obtain your own copy of BootAble. Then use the knowledge and experience documented here to boot your computer(s) into FreeDOS. And please do not hesitate to ask questions – nowhere else can better answers be found.
(You may permanently close this reminder with the 'X' in the upper right.)
LastPass seems to have had data lifted based on some secrets that were lifted when they suffered a breach in August.
A little embarassing: https://www.bleepingcomputer.com/ne...hackers-accessed-customer-data-in-new-breach/
Quack quack oops!
A little embarassing: https://www.bleepingcomputer.com/ne...hackers-accessed-customer-data-in-new-breach/
Quack quack oops!
LastPass seems to have had data lifted based on some secrets that were lifted when they suffered a breach in August.
A little embarassing: https://www.bleepingcomputer.com/ne...hackers-accessed-customer-data-in-new-breach/
Quack quack oops!
Yeah
- and not much info yet. I'm a premium user but I am beginning to consider BitWarden. I know LastPass say they have zero knowledge of our passwords but with today's developing computational power, if a password vault is stolen then it's definitely very, very bad. Hoping to hear more from LastPass very soon!I just installed Proton's password manager for Windows, Proton Pass. They have had browser plug ins, but this is a desktop version for Windows, other OS's to follow. After a very quick install it was set to go. Two things I liked right away was the option to make it available offline and it's ability to use a Yubikey for unlocking.
I've been using Bitwarden and have no plans to stop, but as with most things a backup manager seems to be a good idea. Functionally it works very similar to Bitwarden with one exception which is minimizing the manager's window after copying a field so it's out of the way for the paste. There are quite a few import/ export options which may come in handy.
I currently have Password Safe as a strictly offline manager as my backup on a flash drive, but due to formats it doesn't import Bitwarden's data. I did copy/ pastes to populate PWS initially but it is a long process and updates are a pain.
If anyone is curious get the install file from Proton, and if anyone is using Proton Pass already what do you think of it.
I've been using Bitwarden and have no plans to stop, but as with most things a backup manager seems to be a good idea. Functionally it works very similar to Bitwarden with one exception which is minimizing the manager's window after copying a field so it's out of the way for the paste. There are quite a few import/ export options which may come in handy.
I currently have Password Safe as a strictly offline manager as my backup on a flash drive, but due to formats it doesn't import Bitwarden's data. I did copy/ pastes to populate PWS initially but it is a long process and updates are a pain.
If anyone is curious get the install file from Proton, and if anyone is using Proton Pass already what do you think of it.
Was still using Lastpass, sort of well the horse has already bolted, but got to update the hashing, and get a longer master password. But did install Bitwarden, but had not used it. Till something about Mozilla and lastpass borked, so was using the web version for a day, till I saw on Bitwarden they can actually import every last bit of the Lastpass stuff. So did that, and am slowly working my way through the list, should prune out old logins that are no longer needed, and already either had sites that had updated to 2FA, or I had changed passwords since the break, so should make the list smaller and better curated. Bonus is now the master password is still memorable by me, though it has grown a little more with the change, and now is over 30 characters, so might be safe for a few more years.
Lastpass took the export CSV file, and backed it up as well, in a zip that is password protected. One thing I do know is the lastpass Pocket does work, at least it does work under Linux, as I have used it to test, using an offline laptop, and I am able to get into the vault.
Lastpass took the export CSV file, and backed it up as well, in a zip that is password protected. One thing I do know is the lastpass Pocket does work, at least it does work under Linux, as I have used it to test, using an offline laptop, and I am able to get into the vault.
Bitwarden was my first manager and I still like it. I no longer use the browser plug in. When looking for an 'air gapped' manager as a backup Password Safe came up. I liked that it and it's data bases could be run from a flash drive and not reside on my laptop. Being able to enable a Yubikey as part of opening the program was another plus- in my mind at least.
I rarely open Password Safe except for a very occasional update. I haven't played around with Proton's new manager enough to get a really good feel for it, but for the most part it seems to function very close to Bitwarden. I like that the Proton manager can use a Yubikey to unlock the desktop app along with a password.
I rarely open Password Safe except for a very occasional update. I haven't played around with Proton's new manager enough to get a really good feel for it, but for the most part it seems to function very close to Bitwarden. I like that the Proton manager can use a Yubikey to unlock the desktop app along with a password.
Hey, I'm having trouble with Samsung Pass not working on my new device. Coming from an iPhone, I'm used to having a built-in password manager, but what are some free alternatives available for Android? Any recommendations?
Have you looked at BitWarden ( https://bitwarden.com/download/#downloads-mobile )? I free for some things (has a premium model for all features) but I have been using it on the desktop as a free replacement for LastPass and have been very happy?
One can NOT secure what they do NOT physically control! Convenience does NOT secure make, therefor Bitwarden is less secure by design (i.e., we've learned 'in the cloud' is NOT a place to lay ones trust).
True. At $JOB we are not permitted, by group policy, to add password manager extensions to our browsers. And, the proxy blocks those sites as well. They don't want passwords for internal services and cloud services we subscribe to (i.e. ServiceNow) on the Internet. They install keepass on our laptops.
Since discovering keepass those many moons ago, I installed it on my wife's Windows PC and I've installed keepassxc on my FreeBSD laptop. To back it up, just throw it onto a network share or external backup device.
Since discovering keepass those many moons ago, I installed it on my wife's Windows PC and I've installed keepassxc on my FreeBSD laptop. To back it up, just throw it onto a network share or external backup device.
would imagine people will go with the shortest possible password that fills the check-marks. I I certainly wouldn't want to type a 20+ character password every-time, nor have a different one for different uses. Even see them storing them in a file or something easy to copy
Learned early on, that people will either find the simplest password or write it down somewhere. We even had a card reader at one time, and people just canceled the registered credit card and left it at their desks
I can see that extensions are a weak point, but if you trust the password manager, what makes the extension less secure than the password manager? Guess it is a compromise between security and people following good practices
Been using enpass, and though the ui isn't perfect (1p was much better), I refused to have a cloud based storage. 1p and bitwarden (i think) store the db encrypted (or so they claim). My local db is always a problem and might be stolen, but I'm small potatoes compared to attacking the cloud of any of them
A lot of people write their password onto a post-it note, sticking to to the bottom of their keyboard. When I was still in the office I'd write down, "you won't find any password here," on a post-it note and stick it on the bottom of my keyboard. Kind-of like giving anyone who dared look the bird.
