Chat
Discord
07-26-2016, 07:21 PM
Password managers are programs which store randomly generated, powerful passwords for different sites you use on your computer. The database in which these passwords exist is encrypted by a single "master password" - like a key to a safe with all of your passwords in it.
They're good in a way because they can let you use unique, practically uncrackable passwords for each account you make on the internet. You only have to memorize one strong password and you're pretty much done. Also, it makes coming up with new passwords or even changing your current passwords set to a whole new one much less of a hassle.
On the other hand, I've always considered storing passwords on a day to day computer, in any form, to be a bad idea. It means one will always have to carry his password database everywhere if he wants to login, say to LFE, on another computer, and that can be inconvenient. This master password plus the database file can become a free pass to all of your passwords. While it's difficult to acquire the pair, it's still possible to obtain both with a malware which logs keys and sends files (I think it would've been smart for password managers to let databases be at least >= 1 GB in size. One would easily notice a long transfer going on with some program like networx and maybe manage to stop it). Had you kept your passwords stored in your head, the said malware would have at least only got access to passwords you typed while it lurked.
The main problem with not relying on password managers, depending on how many sites you login to, is that some of your passwords will probably be reused (or you'll be having a lot of fun with the "I forgot my password" button), and that's a bad idea since someone who's found out about some of your passwords will probably try it on a couple of other websites you use. Trying to use different passwords for different sites will affect how strong each of these individual passwords are (you can memorize so many easy passwords, but only a few difficult, more secure ones).
I'm still not using a password manager, but I've been seriously considering using one. Do you guys use password managers, and what do you think about them?
They're good in a way because they can let you use unique, practically uncrackable passwords for each account you make on the internet. You only have to memorize one strong password and you're pretty much done. Also, it makes coming up with new passwords or even changing your current passwords set to a whole new one much less of a hassle.
On the other hand, I've always considered storing passwords on a day to day computer, in any form, to be a bad idea. It means one will always have to carry his password database everywhere if he wants to login, say to LFE, on another computer, and that can be inconvenient. This master password plus the database file can become a free pass to all of your passwords. While it's difficult to acquire the pair, it's still possible to obtain both with a malware which logs keys and sends files (I think it would've been smart for password managers to let databases be at least >= 1 GB in size. One would easily notice a long transfer going on with some program like networx and maybe manage to stop it). Had you kept your passwords stored in your head, the said malware would have at least only got access to passwords you typed while it lurked.
The main problem with not relying on password managers, depending on how many sites you login to, is that some of your passwords will probably be reused (or you'll be having a lot of fun with the "I forgot my password" button), and that's a bad idea since someone who's found out about some of your passwords will probably try it on a couple of other websites you use. Trying to use different passwords for different sites will affect how strong each of these individual passwords are (you can memorize so many easy passwords, but only a few difficult, more secure ones).
I'm still not using a password manager, but I've been seriously considering using one. Do you guys use password managers, and what do you think about them?
![[Image: signature.png]](http://s3.postimg.org/wedqxlk3n/signature.png)
A-Engine: A new beat em up game engine inspired by LF2. Coming soon
A-Engine Dev Blog - Update #8: Timeout