LastPass, KeePass, 1Password, etc - A good solution to password management?

[Sonar]

not had a problem with lastpass yet been using it a while.

[J.C]

I'll give LastPass Premium a try, bought 1-year.

- Multifactor

- Withlist login

- LastPass generated passwords (alpha + special + long)

- Block Tor

- Fingerprint

- Secure master-key

Edited September 23, 2013 by J.C

[kakuro]

For me both Lastpass and Keepass is very good.

I use Lastpass to manage passwords online and Keepass for offline.

Edited September 23, 2013 by kakuro

[ande]

Forgot to mention Password Depot, this one is also very good and worth considering if paid product is what you are looking for.

[avmad]

It scares the bejusus out of me to keep my passwords online, so I use KeePass. Loads of addons for it to work in most browsers. Back it up to a truecrypt usb or something. Major problem that bugs me is if it won't work in my obscure browsers (ie Roboform) :D Apart from that I liked robo.

I've had online accounts but never really used them such as Lastpass. Then I had emails from them saying they'd been hacked. Put me off for life. :(

Sticky gets given away quite regularly if you want that.

If you have facebook

https://www.facebook.com/stickypassword?sk=app_137541772984354

Edited September 23, 2013 by avmad

[realraydon]

i personally prefer Random Password Generator. but why we need so many passwords? Coming up with a password almost killed me.

[hpwamr]

Well as everybody knows I use Roboform (Nsandown main choice and frontpaged password manager), but I have to admit I'm impressed with Last Pass. I've been testing it for a while now in a virtual machine and it is very good. Also, I find it as safe as CoolZoid mentioned above :showoff:

Hello Siddharta,

Very glad to see you again ! :)

I've tested also keespass, Roboform and Last Pass, but I'm more impressed with Sticky Password 7.

- very easy to use

- no invasive toolbar, just a small icon on the top right side

- very easily portable on usb device without the needs to install other program as Roboform2go

- etc...

PS: Kaspersky Password Manager use the same engine and GUI but with other color ;) . (I prefer using the original to the copy :rolleyes: )

Have a nice WE

Edited October 26, 2013 by hpwamr

[J.C]

I'm using LastPass Premium for about 1~2 months, and I have to say, it's awesome!!

I know there're plenty of people that don't like services like that, where your's passwords are stored off-site, but LastPass is doing a great work.

Some tips:

- Use, a really strong master password for your LastPass account, and remember it.

- Don't let LastPass generate passwords for critical sites and services, like email, bank accounts, and so on. Instead, elaborate a strong password yourself and remember it. Sometimes you'll need to access these services and maybe you won't be able to use LastPass;

- Besides the critical sites I mentioned, let LastPass generate all others passwords for you. Use a strong policy like:

- Now go to LastPass settings:

[General]

1. Enable "Only allow login from selected countries"

2. Enable "Disallow logins from Tor network"

[security]

3. Enable "Fingerprint Reader Authentication" (If your computer has it)

4. Change "Prompt for LastPass master password when", in a way that you fell comfortable

[Multifactor Options]

5. Enable and configure Google Authenticator

And keep an eye on [Mobile Devices] and [Trusted Computers].

With these simple steps you get a 90%+ Security score (as LastPass challenge says).

Edited October 27, 2013 by J.C

[realraydon]

Agree. :yes:

As far as I know, LastPass and others, only store passwords for sites!

I use and recommend KeePass, as you can store passwords for anything.

For example I have passwords there for my modem router.

You can save attachments too, like pictures or anything else.

It's also cross platform, a little ugly on Linux though...

And it's very secure, you can use several methods at the same time.

You can use a normal password, the Windows' user account password and an encrypted file; the most secure method this last one.

Even if your passwords file is stolen it will take forever to decrypt. ;)

[J.C]

Agree. :yes:

As far as I know, LastPass and others, only store passwords for sites!

I use and recommend KeePass, as you can store passwords for anything.

For example I have passwords there for my modem router.

You can save attachments too, like pictures or anything else.

It's also cross platform, a little ugly on Linux though...

And it's very secure, you can use several methods at the same time.

You can use a normal password, the Windows' user account password and an encrypted file; the most secure method this last one.

Even if your passwords file is stolen it will take forever to decrypt. ;)

Forever to decrypt a NTLM password? haha.

LastPass isn't only for sites, you can save "secure notes" too.

[J.C]

UPDATE: Last Pass 3.0 is out

Simple awesome, much, much better than the old and super horrible interface.

>> Official announcement

v3.0.0 - Nov 4th 2013 -- All Browsers

• New: LastPass icon in input fields can now be clicked, replaces notification bar to fill.
• New: Chrome UI gets a complete redesign.
• New: Android app has a modern 'holo' UI, multitab support, clickable icons, better search.
• New: iOS app also now has a multitab browser, clickable icons, better search.
• New: LastPass Family Feature - premium users get 1 shared folder that they can share with up to 5 family members.
• New: Immediate syncing for all users.
• New: Search directly from toolbar dropdown menu.
• New: Website and Enterprise Console redesign.
• New: Transakt multifactor option.
• New: Better cleanup of generated passwords.
• New Enterprise Feature: Shared Folders can be shared with LastPass users outside your enterprise (up to 3 per folder).
• New Enterprise Feature: Policy to require multifactor login for enterprise console.
• Improved: Windows Metro app UI updated, fixes for Windows 8.1.
• Improved: LastPass for Applications now has type-to-search, window matching, environment variable expansion, and a "copy application" command to make it easier to work with many entries of the same application.
• Resolved: Chrome basic auth filling fixed.
• Resolved: IE local vault fixed on Windows 8.1.

[hpwamr]

To note new Sticky Password, v7, is releasing soon, v7 comes with Cloud and data synchronization which is from my perspective very bad.

Hello ande,

FYI : Sticky Password 7 offers 2 versions :

• Online with Sync called "Sticky Password "

• Offline without Sync called "Sticky Password Desktop"

Within the installation of SP 7, you can decide which one you want to install and using !

To choose the Offline version :

• At the installation, simply Skip the panel with "StickyID & StickyPass & Email Address".
• Voila once the installation terminated, you're using the Offline version "Sticky Password Desktop" ! :rolleyes:

More about: http://www.nsaneforums.com/topic/194456-sticky-password-70324/

Sticky Password 7 offers these types of licenses:

Sticky Password – Our flagship product with cloud synchronization, enabling you to use Sticky Password on PCs, Android and iOS devices. All encryption is done on your devices, no unencrypted data ever leave your computer or mobile. USB portability of course part of the license. This license is per user and valid by default for 1 year and covers all your devices connected to your one online synchronization account (StickyAccount).

Sticky Password Desktop – Windows only version without online synchronization and no portability to other devices and platforms. USB portability part of the license. This license is per 1 computer (covers all user profiles on the given computer) and valid for version 7.

Examples:

• John has 1 PC at home, 1 laptop for work and travel and 1 mobile device with Android operating system. He wants to have all his passwords with him all the time. The best option for him is 1 Sticky Password 7 (online) license which covers all his devices and is valid for 1 year.
• Erika has 1 PC at home and 1 at work. She want to have her passwords on both devices but she doesn't want to have them synchronized automatically. Best option for her is 2 Sticky Password Desktop licenses and she can transfer the database using the Portable version.

For mobile only users, Sticky Password can be used for example in these scenarios:

• Sticky Password - as a 30-day trial license or paid license (Sticky Password - 1 user, 1 year, all devices): used in online mode = connected to your online synchronization account (StickyAccount). Able to synchronize data via the online account to any other supported platform (Windows desktop or notebook, Android mobile phone, iOS tablet / iPad etc.).
• As a free license - after 30-day Trial expiration: used in standalone offline mode = not connected to an online synchronization account (StickyAccount). Helping you to organize your passwords just on your mobile device without any online synchronization, but without any other functional limits. Note: If you don't have any mobile device like mobile phone or tablet, but still want to automatically synchronize between multiple PCs, you can buy the Sticky Password license, which can synchronize these PCs.

Sticky Password 7 terminology

Product line:

Sticky Password – complete product including all platforms and synchronization

Sticky Password Desktop – The Windows only version without synchronization

Sticky Password for iOS, Sticky Password for Android – standalone products without synchronization. With synchronization these are part of the complete „Sticky Password“ flagship.

Sticky Password Free – limited Sticky Password product. This product is not available as a separate product. You can only switch to it from expired subscription or trial version.

Synchronization related terms:

StickyID – your e-mail address required as an unique identifier for syncrhonization service and access to StickyPortal

StickyPass – password required in combination with StickyID to connect to your synchronization service and/or to access StickyPortal (Sticky Portal is a place where you can manage settings of your StickyAccount like for example device authentication, list of trusted evices etc.). This is NOT your Master Password.

StickyAccount – a cloud account giving you access to StickyPassword synchronization services. For proper authorization to StickyAccount you need a combination of StickyID and StickyPass.

StickyPortal – password-protected part of our website where you can manage your StickyAccount (e.g. license, authorized devices etc.)

Authorization related terms:

One-time PIN – a PIN code required if 2-factor authorization is enabled to authorize connection of a new device to StickyAccount (this setting can be changed in StickyPortal -> tab Settings -> section Authorization). The PIN is automatically sent to your StickyID (e-mail) or Alternative email (if specified) and must be entered after your StickyAccount credentials (StickyID and StickyPass) have been entered. Once a correct PIN has been entered, the device will be added to the trusted devices list.

More on Support

Edited December 5, 2013 by hpwamr

[payday]

I use and recommend KeePass, portable version. Very good, safe and easy to use. :P

Edited November 30, 2013 by payday

[StarshipSpaceX]

Lastpass is good.

[hpwamr]

I use and recommend KeePass, portable version. Very good, safe and easy to use. :P

I use and recommend Sticky Password 7 Desktop version (lastest 7.0.3.30) . Very good, very safe and very easy to use. :P ;) :rolleyes: