• Hey there Guest!
    If you enjoy BCF and find our forum a useful resource, if you appreciate not having ads pop up all over the place and you want to ensure we can stay online - Please consider supporting with an "optional" low-cost annual subscription.
    **Upgrade Now**
    (PS: Subscribers don't see this UGLY banner)
Tips
Tips

Holy Crap! False Alarm

Share this page

DrEntropy

DrEntropy

Great Pumpkin
Platinum
Country flag
Offline
Basil said:
When I worked in the military and as a contractor on "sensitive" systems, we had to have very complex passwords AND we absolutely could not write them down ANYWHERE! We just had to remember them!
Click to expand...


One of my clients had me set up their "out-of-the-box" networks two decades back. Long story short: One of the sons came home after retiring from the Army a decade later (as a Major, he worked intel in Europe), he was appalled at his siblings' password 'insecurity' and he and I sat down and ~fixed~ it. Along with a real firewall came alpha-numeric eight and ten character passwords. But we DID write 'em down. That file went into the company safe and a copy came with me to secure. He moved on to other things and the company sold. I've had no contact with them since, but the Major and I remain friends and in contact.
 
OP
Basil

Basil

Administrator
Boss
Offline
DrEntropy said:
One of my clients had me set up their "out-of-the-box" networks two decades back. Long story short: One of the sons came home after retiring from the Army a decade later (as a Major, he worked intel in Europe), he was appalled at his siblings' password 'insecurity' and he and I sat down and ~fixed~ it. Along with a real firewall came alpha-numeric eight and ten character passwords. But we DID write 'em down. That file went into the company safe and a copy came with me to secure. He moved on to other things and the company sold. I've had no contact with them since, but the Major and I remain friends and in contact. [/COLOR]
Click to expand...

These days, for all my personal passwords and other sensitive info, I use a program (for Apple only I think) called 1Password. It requires me to remember only one master password to unlock the "vault". There, I can store all my passwords , credit card info, store secure notes, software license keys, bank info, etc. It allows you to create "tags" that you can assign to items that can help quickly find certain types of items very quickly. It also has a really cool security audit section that lets you know when you have weak passwords, duplicate passwords, or passwords that are getting old (6-12 months, 1-3 years, 3+ years old). One of the nicest features is something called "Watchtower" which you can see in the lower left of the second attached image. When you select watch tower, you will see a list of any websites that you have in your logins that have been compromised or had security breaches, thus alerting you that you need to change your password for that site. You can synch your password info across multiple devices by storing your password file (256-AES encrypted) on the iCloud or in Dropbox. That way, all devices always have the most current passwords info when changes are made.

1Password also has an extension for the Safari browser so that, when you go to a web site you can log in by simply clicking the 1Password icon in the browser (assuming you have unlocked the app.). I've used a lot of different password protection programs over the years but this one is definitely the best.

I keep an up-to-date printout of all the passwords in 1Password locked away in a fireproof safe. I periodically go through (at least once a year) and change important passwords, then print a new set and shred the old.

Screen Shot 2018-01-18 at 8.55.01 AM.jpg

Screen Shot 2018-01-18 at 9.00.25 AM.jpg

 
E

elrey

Darth Vader
Country flag
Offline
Speaking of security, I'm curious as to what PIN numbers and passwords you all use. If you could include your full name, throw in your mother's maiden name and your S.S. and date of birth I would be much obliged...Thanx in advance, Elrey
 
NutmegCT

NutmegCT

Great Pumpkin
Gold
Online
elrey said:
Speaking of security, I'm curious as to what PIN numbers and passwords you all use. If you could include your full name, throw in your mother's maiden name and your S.S. and date of birth I would be much obliged...Thanx in advance, Elrey
Click to expand...

My numbers and passwords? You already know - I've been using yours for quite a while.

:banana:
 
Bayless

Bayless

Yoda
Silver
Country flag
Online
I checked a few of the password managers for Linux and every one I found had at least one flaw that I didn't like. So I created my own. Like the Boss's, it is fully AES encrypted and uses a master password to "open the vault." It runs on all our computers, Linux, Windows and herself's iMac. Databases are stored locally as well as in the cloud (my web page in our case). She and I have separate databases with only the accounts we are interested in. But we mark those accounts that are common or shared between us and any changes to those accounts gets copied to the other's database. It doesn't do everything Basil described but does cover the most critical stuff. It can generate passwords and remind you to change based on parameters for each account. It also allows for storage of other information, such as the combination to my safe and security questions and answers for any sites that use them.
 
Top