Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.sys.mac.misc > #8033 > unrolled thread

Do you use a password manager?

Back to article view | Back to comp.sys.mac.misc

Contents

  Do you use a password manager? Unbreakable Disease <unbreakable@secmail.pro> - 2021-07-12 09:53 +0000
    Re: Do you use a password manager? Wade Garrett <wade@cooler.net> - 2021-07-12 07:37 -0400
      Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-07-12 07:41 -0400
      Re: Do you use a password manager? Calum <com.gmail@nospam.scottishwildcat> - 2021-07-12 13:59 +0100
      Re: Do you use a password manager? "Andy K." <andy.k466@gmail.com> - 2021-07-12 15:14 +0200
        Re: Do you use a password manager? Unbreakable Disease <unbreakable@secmail.pro> - 2021-07-12 21:45 +0000
      Re: Do you use a password manager? Scott Alfter <scott@alfter.diespammersdie.us> - 2021-07-12 15:17 +0000
        Re: Do you use a password manager? Lamey <lametroll@invalid.invalid> - 2021-07-12 09:36 -0600
          Re: Do you use a password manager? Unbreakable Disease <unbreakable@secmail.pro> - 2021-07-12 21:46 +0000
          Re: Do you use a password manager? Alan Browne <bitbucket@blackhole.com> - 2021-07-19 10:43 -0400
      Re: Do you use a password manager? Rich <rich@example.invalid> - 2021-07-12 15:40 +0000
      Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-12 11:52 -0700
        Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-07-12 19:58 +0000
          Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-12 13:15 -0700
            Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-07-12 16:27 -0400
              Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-12 13:48 -0700
                Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-07-12 17:14 -0400
                  Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-12 14:43 -0700
                    Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-07-12 18:11 -0400
                      Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-12 15:52 -0700
                        Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-07-12 19:18 -0400
                          Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-12 16:57 -0700
                            Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-07-12 20:25 -0400
                              Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-12 21:41 -0700
                                Re: Do you use a password manager? Unbreakable Disease <unbreakable@secmail.pro> - 2021-07-14 07:10 +0000
                            Re: Do you use a password manager? Rich <rich@example.invalid> - 2021-07-13 01:08 +0000
                            Re: Do you use a password manager? Scott Alfter <scott@alfter.diespammersdie.us> - 2021-07-13 14:43 +0000
                            Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-07-13 15:59 +0000
                              Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-13 13:55 -0700
            Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-07-13 15:48 +0000
              Re: Do you use a password manager? Unbreakable Disease <unbreakable@secmail.pro> - 2021-07-14 07:04 +0000
      Re: Do you use a password manager? om@iki.fi (Otto J. Makela) - 2021-07-16 16:34 +0300
        Re: Do you use a password manager? Bob Eager <news0009@eager.cx> - 2021-07-16 15:06 +0000
          Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-07-16 20:10 +0000
            Re: Do you use a password manager? Bob Eager <news0009@eager.cx> - 2021-07-16 21:51 +0000
              Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-07-16 22:05 +0000
                Re: Do you use a password manager? Bob Eager <news0009@eager.cx> - 2021-07-16 22:19 +0000
        Re: Do you use a password manager? Wade Garrett <wade@cooler.net> - 2021-07-16 11:19 -0400
      Re: Do you use a password manager? Alan Browne <bitbucket@blackhole.com> - 2021-07-19 10:42 -0400
        Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-19 11:08 -0700
          Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-07-19 14:12 -0400
          Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-07-19 20:07 +0000
            Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-19 14:15 -0700
          Re: Do you use a password manager? Richard Kettlewell <invalid@invalid.invalid> - 2021-07-20 09:15 +0100
            Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-07-20 20:13 +0000
          Re: Do you use a password manager? Alan Browne <bitbucket@blackhole.com> - 2021-07-20 16:39 -0400
            Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-20 15:52 -0700
    Re: Do you use a password manager? Jolly Roger <jollyroger@pobox.com> - 2021-07-12 15:28 +0000
      Re: Do you use a password manager? Unbreakable Disease <unbreakable@secmail.pro> - 2021-07-12 21:51 +0000
        Re: Do you use a password manager? Jolly Roger <jollyroger@pobox.com> - 2021-07-13 17:15 +0000
    Re: Do you use a password manager? Oregonian Haruspex <no_email@invalid.invalid> - 2021-07-14 01:29 +0000
      Re: Do you use a password manager? % <pursent100@gmail.com> - 2021-07-13 18:43 -0700
        Re: Do you use a password manager? Unbreakable Disease <unbreakable@secmail.pro> - 2021-07-14 07:00 +0000
    Re: Do you use a password manager? Alan Browne <bitbucket@blackhole.com> - 2021-07-19 10:40 -0400
      Re: Do you use a password manager? Unbreakable Disease <unbreakable@secmail.pro> - 2021-07-22 08:52 +0000
        Re: Do you use a password manager? Alan Browne <bitbucket@blackhole.com> - 2021-07-22 09:52 -0400
          Re: Do you use a password manager? Unbreakable Disease <unbreakable@danwin1210.me> - 2021-07-27 11:27 +0000
            Re: Do you use a password manager? Your Name <YourName@YourISP.com> - 2021-07-28 08:30 +1200
              Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-07-27 17:30 -0400
              Re: Do you use a password manager? Bob Eager <news0009@eager.cx> - 2021-07-27 22:47 +0000
                Re: Do you use a password manager? Your Name <YourName@YourISP.com> - 2021-07-28 15:40 +1200
                  Re: Do you use a password manager? Bob Eager <news0009@eager.cx> - 2021-07-28 08:41 +0000
                  Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-07-28 12:35 +0000
              Re: Do you use a password manager? om@iki.fi (Otto J. Makela) - 2021-07-28 10:52 +0300
              Re: Do you use a password manager? Scott Alfter <scott@alfter.diespammersdie.us> - 2021-07-28 17:45 +0000
              Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-07-28 22:30 +0000
                Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-07-28 18:56 -0400
                  Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-07-29 07:38 +0000
    Re: Do you use a password manager? Dreamer In Colore <dreamerincolore@hotmail.com> - 2021-07-21 13:28 -0400
      Re: Do you use a password manager? Keith Thompson <Keith.S.Thompson+u@gmail.com> - 2021-07-21 12:31 -0700
        Re: Do you use a password manager? Bob Eager <news0009@eager.cx> - 2021-07-21 21:00 +0000
          Re: Do you use a password manager? Ben Bacarisse <ben.usenet@bsb.me.uk> - 2021-07-22 01:23 +0100
            Re: Do you use a password manager? Bob Eager <news0009@eager.cx> - 2021-07-22 08:46 +0000
    Re: Do you use a password manager? rtr <rtr@nospam.invalid> - 2021-11-28 06:51 +0800
      Re: Do you use a password manager? Bob Eager <news0009@eager.cx> - 2021-11-27 23:40 +0000
      Re: Do you use a password manager? Your Name <YourName@YourISP.com> - 2021-11-28 14:26 +1300
        Re: Do you use a password manager? Alan Browne <bitbucket@blackhole.com> - 2021-12-01 18:51 -0500
          Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-12-01 19:00 -0500
            Re: Do you use a password manager? Alan Browne <bitbucket@blackhole.com> - 2021-12-01 19:46 -0500
              Re: Do you use a password manager? nospam <nospam@nospam.invalid> - 2021-12-01 20:42 -0500
                Re: Do you use a password manager? Alan Browne <bitbucket@blackhole.com> - 2021-12-02 08:25 -0500
      Re: Do you use a password manager? om@iki.fi (Otto J. Makela) - 2021-11-28 14:16 +0200
        Re: Do you use a password manager? rtr <rtr@nospam.invalid> - 2021-11-28 21:06 +0800
        Re: Do you use a password manager? The Real Bev <bashley101@gmail.com> - 2021-11-29 10:31 -0800
      Re: Do you use a password manager? Anssi Saari <as@sci.fi> - 2021-11-29 13:01 +0200
        Re: Do you use a password manager? Lewis <g.kreme@kreme.dont-email.me> - 2021-11-29 15:52 +0000
    Re: Do you use a password manager? Matti Haveri <nospam@here.invalid> - 2022-02-05 14:43 +0200
      Re: Do you use a password manager? The Real Bev <bashley101@gmail.com> - 2022-02-05 09:41 -0800
        Re: Do you use a password manager? Dan Purgert <dan@djph.net> - 2022-02-05 19:03 +0000
        Re: Do you use a password manager? Matti Haveri <nospam@here.invalid> - 2022-02-06 11:39 +0200
    Re: Do you use a password manager? gtr <xxx@yyy.zzz> - 2022-02-06 19:27 +0000
      Re: Do you use a password manager? Siri Cruise <chine.bleu@yahoo.com> - 2022-02-06 18:21 -0800
        Re: Do you use a password manager? The Real Bev <bashley101@gmail.com> - 2022-02-07 14:57 -0800
          Re: Do you use a password manager? Siri Cruise <chine.bleu@yahoo.com> - 2022-02-07 19:21 -0800
      Re: Do you use a password manager? El Kabong <twang@the.noodle> - 2022-02-06 22:16 -0800
    Re: Do you use a password manager? gtr <xxx@yyy.zzz> - 2022-02-12 21:35 +0000

Page 4 of 5 — ← Prev page 1 2 3 [4] 5  Next page →

#8181

On 2021-07-27 22:47:01 +0000, Bob Eager said:
> On Wed, 28 Jul 2021 08:30:16 +1200, Your Name wrote:
>> 
>> With the source code available for free, it also means the hackers can
>> more easily work out how to steal your information. Using open source or
>> hacked pirated versions for anything even remotely to do with security
>> is simply incredibly silly.
> 
> Ah, a proponent of security through obscurity.
> 
> I think not.

I guess that's why the banks leave their vault doors open all night.  :-\

[toc] | [prev] | [next] | [standalone]

#8183

On Wed, 28 Jul 2021 15:40:13 +1200, Your Name wrote:

> On 2021-07-27 22:47:01 +0000, Bob Eager said:
>> On Wed, 28 Jul 2021 08:30:16 +1200, Your Name wrote:
>>> 
>>> With the source code available for free, it also means the hackers can
>>> more easily work out how to steal your information. Using open source
>>> or hacked pirated versions for anything even remotely to do with
>>> security is simply incredibly silly.
>> 
>> Ah, a proponent of security through obscurity.
>> 
>> I think not.
> 
> I guess that's why the banks leave their vault doors open all night. 
> :-\

Non sequitur.



-- 
Using UNIX since v6 (1975)...

Use the BIG mirror service in the UK:
 http://www.mirrorservice.org

[toc] | [prev] | [next] | [standalone]

#8184

In message <sdqjit$aif$1@gioia.aioe.org> Your Name <YourName@YourISP.com> wrote:
> On 2021-07-27 22:47:01 +0000, Bob Eager said:
>> On Wed, 28 Jul 2021 08:30:16 +1200, Your Name wrote:
>>> 
>>> With the source code available for free, it also means the hackers can
>>> more easily work out how to steal your information. Using open source or
>>> hacked pirated versions for anything even remotely to do with security
>>> is simply incredibly silly.
>> 
>> Ah, a proponent of security through obscurity.
>> 
>> I think not.

> I guess that's why the banks leave their vault doors open all night.  :-\

You obviously have no idea what "security by obscurity" means. A vault
is not obscure. If you hide you money in a hollow book, that would be
security by obscurity.



-- 
Demons have existed on the Discworld for at least as long as the
	gods, who in many ways they closely resemble. The difference is
	basically the same as between terrorists and freedom fighters.

[toc] | [prev] | [next] | [standalone]

#8182

Your Name <YourName@YourISP.com> wrote:

> With the source code available for free, it also means the hackers can
> more easily work out how to steal your information. Using open source
> or hacked pirated versions for anything even remotely to do with
> security is simply incredibly silly.

"Hacked pirated" versions aside, security by obscurity never works in
the long run.

The security of cryptosystems should depend on things like your key
management, not that nobody has got their hands on the source code.
Widely used systems like openssl are open source and better for it,
as they have open audits of how they are builts.

-- 
   /* * * Otto J. Makela <om@iki.fi> * * * * * * * * * */
  /* Phone: +358 40 765 5772, ICBM: N 60 10' E 24 55' */
 /* Mail: Mechelininkatu 26 B 27,  FI-00100 Helsinki */
/* * * Computers Rule 01001111 01001011 * * * * * * */

[toc] | [prev] | [next] | [standalone]

#8185

In article <sdpqco$1erg$1@gioia.aioe.org>,
Your Name  <YourName@YourISP.com> wrote:
>With the source code available for free, it also means the hackers can 
>more easily work out how to steal your information. Using open source 
>or hacked pirated versions for anything even remotely to do with 
>security is simply incredibly silly.

Security by obscurity?  Please tell us you're joking...this has to be one of
the most ignorant comments I've seen on Usenet in a good long while.

If you have access to the source code, you can verify that (1) secure
algorithms are in use and (2) those algorithms have been properly translated
into secure code that works.  Without source code, you're potentially buying
a pig in a poke.

  _/_
 / v \ Scott Alfter (remove the obvious to send mail)
(IIGS( https://alfter.us/           Top-posting!
 \_^_/                              >What's the most annoying thing on Usenet?

[toc] | [prev] | [next] | [standalone]

#8186

In message <sdpqco$1erg$1@gioia.aioe.org> Your Name <YourName@YourISP.com> wrote:
> On 2021-07-27 11:27:00 +0000, Unbreakable Disease said:
>> On 22.07.2021 13:52, Alan Browne wrote:
>>> On 2021-07-22 04:52, Unbreakable Disease wrote:
>>>> On 19.07.2021 14:40, Alan Browne wrote:
>>>>> 
>>>>> You can keep the encrypted master file on iCloud or Dropbox so it's 
>>>>> available to all of your devices.  Avoid the 'rent' model if possible.
>>>> 
>>>> You can use any FOSS password manager. For me, anything that is not 
>>>> FOSS is automatically suspicious (including 1Password). I don't trust 
>>>> proprietary software and try to reduce its usage to minimum.
>>> 
>>> 1Password has proven itself over time.  I like companies that pay 
>>> employees to do things right when it's a critical component.
>>> 
>>> Free?  "You get what you pay for."  So unless it's a wildly widespread 
>>> and popular package with many people maintaining it, it tends to crud.
>>> 
>>> The Gimp refers.
>> 
>> Well, I like free software. It's not always of the same quality as 
>> commercial software, but at least its security can be tested by many 
>> experts in the industry easily as anyone has access to the source code. 
>> Anyone can read and edit it... understanding and making it work not so 
>> much.

> With the source code available for free, it also means the hackers can 
> more easily work out how to steal your information. Using open source 
> or hacked pirated versions for anything even remotely to do with 
> security is simply incredibly silly.

Once again you demonstrate a complete lack of knowledge on a topic. The
VAST majority of encryption is done with open source tools, you nimrod.
Not on;y that, but when companies try to write their own (like Telegram)
it turns out they write shitty software with massive security holes.

Please stop trying to weigh in on things you know absolutely nothing
about, it's embarrassing.

-- 
"Are you pondering what I'm pondering?"
"Sure, Brain, but how are we going to find chaps our size?"

[toc] | [prev] | [next] | [standalone]

#8187

In article <slrnsg3mjk.2fg5.g.kreme@m1mini.local>, Lewis
<g.kreme@kreme.dont-email.me> wrote:

> In message <sdpqco$1erg$1@gioia.aioe.org> Your Name <YourName@YourISP.com>
> wrote:
> > With the source code available for free, it also means the hackers can 
> > more easily work out how to steal your information. Using open source 
> > or hacked pirated versions for anything even remotely to do with 
> > security is simply incredibly silly.
> 
> Once again you demonstrate a complete lack of knowledge on a topic. The
> VAST majority of encryption is done with open source tools, you nimrod.
> Not on;y that, but when companies try to write their own (like Telegram)
> it turns out they write shitty software with massive security holes.
> 
> Please stop trying to weigh in on things you know absolutely nothing
> about, it's embarrassing.

that would mean an end to his posts...

[toc] | [prev] | [next] | [standalone]

#8188

In message <280720211856021661%nospam@nospam.invalid> nospam <nospam@nospam.invalid> wrote:
> In article <slrnsg3mjk.2fg5.g.kreme@m1mini.local>, Lewis
> <g.kreme@kreme.dont-email.me> wrote:

>> In message <sdpqco$1erg$1@gioia.aioe.org> Your Name <YourName@YourISP.com>
>> wrote:
>> > With the source code available for free, it also means the hackers can 
>> > more easily work out how to steal your information. Using open source 
>> > or hacked pirated versions for anything even remotely to do with 
>> > security is simply incredibly silly.
>> 
>> Once again you demonstrate a complete lack of knowledge on a topic. The
>> VAST majority of encryption is done with open source tools, you nimrod.
>> Not on;y that, but when companies try to write their own (like Telegram)
>> it turns out they write shitty software with massive security holes.
>> 
>> Please stop trying to weigh in on things you know absolutely nothing
>> about, it's embarrassing.

> that would mean an end to his posts...

<fingers crossed>

-- 
'The trouble with my friend here is that he doesn't know the
	difference between a postulate and a metaphor of human existence.
	Or a hole in the ground.' --Pyramids

[toc] | [prev] | [next] | [standalone]

#8140

On Mon, 12 Jul 2021 09:53:00 +0000, Unbreakable Disease
<unbreakable@secmail.pro> wrote:

>My 50-year old brain isn't capable of memorizing that many passwords 
>anymore, so I use KeePassXC. I keep basically everything here including 
>my financial passwords and credit card data, with the exception of 
>passwords that I would have to remember anyway (full-disk encryption, 
>login, primary e-mail passwords, etc.)
>
>Overall, it's much easier to remember and much harder to forget 10 
>complicated passwords that you use everyday than 100+ simple passwords 
>you use every month or even less.
>
>I can't speak about Windows version of KeePass, because with the 
>exception of playing games not available on Macintosh, I haven't used 
>one since Windows 95 days.

For what it's worth, I like LastPass. I'm not crazy about the fact
that I can't use it on multiple devices without having to pay for it,
but I can't begrudge the software developers over there the right to
earn a living.

The best strengths in current password technology are in passphrases:

https://useapassphrase.com

There's some great stats in there, such as the amount of time it takes
to crack common spatial word passwords such as "qwerty" or "aaaaaa"...
10 milliseconds.

Or how long it takes to crack a password that's a date like
"03261981"... 2.213 seconds.

However, if you use a sequence of four randomly chosen words like
"mergers decade labeled manager", it'll take 6 million centuries to
crack.

So.

I've converted all my passwords to sequences of four to six words; and
I have an email account at a provider that I've never used to send
email to anyone, or to use as the id for any website. There, I have a
draft of an email saved that holds the information.

I now only need to remember one password, and I can get to everything.
As for the remote chance that the email provider will cease to exist,
I made backup accounts with other major providers, because paranoia.

I don't use email apps to access my password storage account; and I
use Tor to get to it for the sake of anonymity. I'd be fairly
impressed if someone got through that level of security, and it's
probably overkill, but why take the risk?

While I'm at it... does everyone know about 

https://haveibeenpwned.com

You can put your email address in there, and see if it's been involved
in any large-scale thefts. It's got records going back years, and I
was fairly shocked to see that my wife's account had been hacked years
ago.

-- 
Cheers,
Dreamer
AA 2306

"The fact that a believer is happier than a skeptic is no 
more to the point than the fact that a drunken man is 
happier than a sober one. The happiness of credulity is a 
cheap and dangerous quality of happiness, and by no means 
a necessity of life."

George Bernard Shaw
Androcles and the Lion 

[toc] | [prev] | [next] | [standalone]

#8141

Dreamer In Colore <dreamerincolore@hotmail.com> writes:
> On Mon, 12 Jul 2021 09:53:00 +0000, Unbreakable Disease
> <unbreakable@secmail.pro> wrote:
>>My 50-year old brain isn't capable of memorizing that many passwords 
>>anymore, so I use KeePassXC. I keep basically everything here including 
>>my financial passwords and credit card data, with the exception of 
>>passwords that I would have to remember anyway (full-disk encryption, 
>>login, primary e-mail passwords, etc.)
>>
>>Overall, it's much easier to remember and much harder to forget 10 
>>complicated passwords that you use everyday than 100+ simple passwords 
>>you use every month or even less.
>>
>>I can't speak about Windows version of KeePass, because with the 
>>exception of playing games not available on Macintosh, I haven't used 
>>one since Windows 95 days.
>
> For what it's worth, I like LastPass. I'm not crazy about the fact
> that I can't use it on multiple devices without having to pay for it,
> but I can't begrudge the software developers over there the right to
> earn a living.
>
> The best strengths in current password technology are in passphrases:
>
> https://useapassphrase.com
>
> There's some great stats in there, such as the amount of time it takes
> to crack common spatial word passwords such as "qwerty" or "aaaaaa"...
> 10 milliseconds.
>
> Or how long it takes to crack a password that's a date like
> "03261981"... 2.213 seconds.
>
> However, if you use a sequence of four randomly chosen words like
> "mergers decade labeled manager", it'll take 6 million centuries to
> crack.
>
> So.
>
> I've converted all my passwords to sequences of four to six words; and
> I have an email account at a provider that I've never used to send
> email to anyone, or to use as the id for any website. There, I have a
> draft of an email saved that holds the information.
>
> I now only need to remember one password, and I can get to everything.
> As for the remote chance that the email provider will cease to exist,
> I made backup accounts with other major providers, because paranoia.
>
> I don't use email apps to access my password storage account; and I
> use Tor to get to it for the sake of anonymity. I'd be fairly
> impressed if someone got through that level of security, and it's
> probably overkill, but why take the risk?
>
> While I'm at it... does everyone know about 
>
> https://haveibeenpwned.com
>
> You can put your email address in there, and see if it's been involved
> in any large-scale thefts. It's got records going back years, and I
> was fairly shocked to see that my wife's account had been hacked years
> ago.

I use a couple of programs I wrote to generate random passwords and
passphrases:

    https://github.com/Keith-S-Thompson/random-passwords

It's two Perl scripts.  gen-password generates random passwords with
specified criteria, and gen-passphrase generates xkcd-style random word
sequences using the system dictionary or a specified one.

-- 
Keith Thompson (The_Other_Keith) Keith.S.Thompson+u@gmail.com
Working, but not speaking, for Philips
void Void(void) { Void(); } /* The recursive call of the void */

[toc] | [prev] | [next] | [standalone]

#8148

On Wed, 21 Jul 2021 12:31:11 -0700, Keith Thompson wrote:

> I use a couple of programs I wrote to generate random passwords and
> passphrases:
> 
>     https://github.com/Keith-S-Thompson/random-passwords
> 
> It's two Perl scripts.  gen-password generates random passwords with
> specified criteria, and gen-passphrase generates xkcd-style random word
> sequences using the system dictionary or a specified one.

I use dicewords and a set of casino dice.

-- 
Using UNIX since v6 (1975)...

Use the BIG mirror service in the UK:
 http://www.mirrorservice.org

[toc] | [prev] | [next] | [standalone]

#8149

Bob Eager <news0009@eager.cx> writes:

> On Wed, 21 Jul 2021 12:31:11 -0700, Keith Thompson wrote:
>
>> I use a couple of programs I wrote to generate random passwords and
>> passphrases:
>> 
>>     https://github.com/Keith-S-Thompson/random-passwords
>> 
>> It's two Perl scripts.  gen-password generates random passwords with
>> specified criteria, and gen-passphrase generates xkcd-style random word
>> sequences using the system dictionary or a specified one.
>
> I use dicewords and a set of casino dice.

What do you do when the password is restricted as is so often the case?

-- 
Ben.

[toc] | [prev] | [next] | [standalone]

#8151

On Thu, 22 Jul 2021 01:23:46 +0100, Ben Bacarisse wrote:

> Bob Eager <news0009@eager.cx> writes:
> 
>> On Wed, 21 Jul 2021 12:31:11 -0700, Keith Thompson wrote:
>>
>>> I use a couple of programs I wrote to generate random passwords and
>>> passphrases:
>>> 
>>>     https://github.com/Keith-S-Thompson/random-passwords
>>> 
>>> It's two Perl scripts.  gen-password generates random passwords with
>>> specified criteria, and gen-passphrase generates xkcd-style random
>>> word sequences using the system dictionary or a specified one.
>>
>> I use dicewords and a set of casino dice.
> 
> What do you do when the password is restricted as is so often the case?

It provides a basis to which I add stuff.

Jitsi does similar when choosing a random 'room' name, although I haven't 
looked at the code.



-- 
Using UNIX since v6 (1975)...

Use the BIG mirror service in the UK:
 http://www.mirrorservice.org

[toc] | [prev] | [next] | [standalone]

#8333

On Mon, 12 Jul 2021 09:53:00 +0000
Unbreakable Disease <unbreakable@secmail.pro> wrote:

> My 50-year old brain isn't capable of memorizing that many passwords 
> anymore, so I use KeePassXC. I keep basically everything here
> including my financial passwords and credit card data, with the
> exception of passwords that I would have to remember anyway
> (full-disk encryption, login, primary e-mail passwords, etc.)
> 
> Overall, it's much easier to remember and much harder to forget 10 
> complicated passwords that you use everyday than 100+ simple
> passwords you use every month or even less.
> 
> I can't speak about Windows version of KeePass, because with the 
> exception of playing games not available on Macintosh, I haven't used 
> one since Windows 95 days.

I use Pass, which is a command-line only password manager using git and
gpg. It's good and lightweight.

[toc] | [prev] | [next] | [standalone]

#8334

On Sun, 28 Nov 2021 06:51:45 +0800, rtr wrote:

> On Mon, 12 Jul 2021 09:53:00 +0000 Unbreakable Disease
> <unbreakable@secmail.pro> wrote:
> 
>> My 50-year old brain isn't capable of memorizing that many passwords
>> anymore, so I use KeePassXC. I keep basically everything here including
>> my financial passwords and credit card data, with the exception of
>> passwords that I would have to remember anyway (full-disk encryption,
>> login, primary e-mail passwords, etc.)
>> 
>> Overall, it's much easier to remember and much harder to forget 10
>> complicated passwords that you use everyday than 100+ simple passwords
>> you use every month or even less.
>> 
>> I can't speak about Windows version of KeePass, because with the
>> exception of playing games not available on Macintosh, I haven't used
>> one since Windows 95 days.
> 
> I use Pass, which is a command-line only password manager using git and
> gpg. It's good and lightweight.

Yes, me too. It works well.



-- 
Using UNIX since v6 (1975)...

Use the BIG mirror service in the UK:
 http://www.mirrorservice.org

[toc] | [prev] | [next] | [standalone]

#8335

On 2021-11-27 22:51:45 +0000, rtr said:
> On Mon, 12 Jul 2021 09:53:00 +0000
> Unbreakable Disease <unbreakable@secmail.pro> wrote:
>> 
>> My 50-year old brain isn't capable of memorizing that many passwords
>> anymore, so I use KeePassXC. I keep basically everything here
>> including my financial passwords and credit card data, with the
>> exception of passwords that I would have to remember anyway
>> (full-disk encryption, login, primary e-mail passwords, etc.)
>> 
>> Overall, it's much easier to remember and much harder to forget 10
>> complicated passwords that you use everyday than 100+ simple
>> passwords you use every month or even less.
>> 
>> I can't speak about Windows version of KeePass, because with the
>> exception of playing games not available on Macintosh, I haven't used
>> one since Windows 95 days.
> 
> I use Pass, which is a command-line only password manager using git and
> gpg. It's good and lightweight.

MacOS has the Keychain app built-in.

1Password used to be a good third-party option, but recently it has 
been tending more towards silly subscription-based pricing and storing 
everything in the silly cloud. Probably best avoided in case some 
future version decides that's the only way to use it.

There are numerous other third-party options.

[toc] | [prev] | [next] | [standalone]

#8341

On 2021-11-27 20:26, Your Name wrote:

> 1Password used to be a good third-party option, but recently it has been 
> tending more towards silly subscription-based pricing and storing 
> everything in the silly cloud. Probably best avoided in case some future 
> version decides that's the only way to use it.

You can still buy the standalone version. (I have it).

And of course you store the encrypted database in a cloud location so 
your many devices in many places can access the most recent data in it 
(whether the subscription or "all paid" version).

I find Dropbox to be less problematic than Apple iCloud.  The latter has 
required that after changes made (ie) at home to appear on my work Mac 
that I quit 1P and run it again.  No such issues with Dropbox as the 
cloud location.

-- 
"...there are many humorous things in this world; among them the white
  man's notion that he is less savage than the other savages."
                                             -Samuel Clemens

[toc] | [prev] | [next] | [standalone]

#8342

In article <lUTpJ.176380$I%1.140025@fx36.iad>, Alan Browne
<bitbucket@blackhole.com> wrote:

> > 1Password used to be a good third-party option, but recently it has been 
> > tending more towards silly subscription-based pricing and storing 
> > everything in the silly cloud. Probably best avoided in case some future 
> > version decides that's the only way to use it.
> 
> You can still buy the standalone version. (I have it).

nope. they've stopped selling the standalone licenses after the
announcement of version 8.

<https://1password.community/discussion/122755/looking-to-buy-a-1passwor
d-7-standalone-non-subscription-licence-ugprade>
  Standalone licenses are no longer for sale I am afraid, sorry. To
  upgrade your 1Password app to version 7 or 8, you will need a
  Membership. Please see this post from our founder Dave with all
  the details 

> And of course you store the encrypted database in a cloud location so 
> your many devices in many places can access the most recent data in it 
> (whether the subscription or "all paid" version).

yep.

> I find Dropbox to be less problematic than Apple iCloud.  The latter has 
> required that after changes made (ie) at home to appear on my work Mac 
> that I quit 1P and run it again.  No such issues with Dropbox as the 
> cloud location.

no such problem here. 

dropbox has become incredibly bloated and bad that it's no longer
usable. it also hooks into the os in evil ways.

[toc] | [prev] | [next] | [standalone]

#8343

On 2021-12-01 19:00, nospam wrote:
> In article <lUTpJ.176380$I%1.140025@fx36.iad>, Alan Browne
> <bitbucket@blackhole.com> wrote:
> 
>>> 1Password used to be a good third-party option, but recently it has been
>>> tending more towards silly subscription-based pricing and storing
>>> everything in the silly cloud. Probably best avoided in case some future
>>> version decides that's the only way to use it.
>>
>> You can still buy the standalone version. (I have it).
> 
> nope. they've stopped selling the standalone licenses after the
> announcement of version 8.
> 
> <https://1password.community/discussion/122755/looking-to-buy-a-1passwor
> d-7-standalone-non-subscription-licence-ugprade>
>    Standalone licenses are no longer for sale I am afraid, sorry. To
>    upgrade your 1Password app to version 7 or 8, you will need a
>    Membership. Please see this post from our founder Dave with all
>    the details

Then when 1P standalone breaks "usability" I will part company with them.

>> And of course you store the encrypted database in a cloud location so
>> your many devices in many places can access the most recent data in it
>> (whether the subscription or "all paid" version).
> 
> yep.
> 
>> I find Dropbox to be less problematic than Apple iCloud.  The latter has
>> required that after changes made (ie) at home to appear on my work Mac
>> that I quit 1P and run it again.  No such issues with Dropbox as the
>> cloud location.
> 
> no such problem here.
> 
> dropbox has become incredibly bloated and bad that it's no longer
> usable. it also hooks into the os in evil ways.

It's very usable.  I have tons of files on it for various uses and 
access files from many devices on a daily basis for both personal and 
work.  There is no "bloat" affecting that.

I also use iCloud for some things.  There is often a "wait" while it 
downloads files.  Seems to wait until one wants a file rather than being 
in sycn asap as Dropbox does.

Regardless, over the years I've had various issues using iCloud for 1P 
sync.  It will be fine for a few months and then go bonkers.  Could be 
because my home and work Macs are at different OS versions coupled to 
1Password also being at different versions (home v. work Macs).

I don't care about that while Dropbox has been more reliable in this 
regard - consistently.

-- 
"...there are many humorous things in this world; among them the white
  man's notion that he is less savage than the other savages."
                                             -Samuel Clemens

[toc] | [prev] | [next] | [standalone]

#8344

In article <5IUpJ.70459$qz4.49635@fx97.iad>, Alan Browne
<bitbucket@blackhole.com> wrote:

> > dropbox has become incredibly bloated and bad that it's no longer
> > usable. it also hooks into the os in evil ways.
> 
> It's very usable.  I have tons of files on it for various uses and 
> access files from many devices on a daily basis for both personal and 
> work.  There is no "bloat" affecting that.

the dropbox client is electron app (bloat) which contains a chrome
browser (more bloat). it's also a major resource hog. it's garbage. 

<https://www.macrumors.com/guide/five-alternative-dropbox-clients/>
  The Dropbox app has a troubled reputation among Mac users. The 
  client is often called out for using significant system resources,
  even when it's not doing anything in the background. And when it 
  does lurch into action, syncing with Dropbox's servers can sometimes
  be painfully slow, for no obvious reason.

  Added to this is the fact that almost a year after the first Macs
  with the M1 chip became available, Dropbox still doesn't natively
  support Apple silicon, and won't until sometime in 2022. That means
  M1 Mac owners must use Dropbox with Rosetta, and reports suggest the
  client hemorrhages MacBook battery life and uses a disproportionate
  amount of memory on Apple silicon Macs.

the above link lists alternative dropbox clients.

> I also use iCloud for some things.  There is often a "wait" while it 
> downloads files.  Seems to wait until one wants a file rather than being 
> in sycn asap as Dropbox does.
> 
> Regardless, over the years I've had various issues using iCloud for 1P 
> sync.  It will be fine for a few months and then go bonkers.  Could be 
> because my home and work Macs are at different OS versions coupled to 
> 1Password also being at different versions (home v. work Macs).

i've never seen any such issue across a wide array of macs, iphones and
ipads.

> I don't care about that while Dropbox has been more reliable in this 
> regard - consistently.

opposite for me.

[toc] | [prev] | [next] | [standalone]

Page 4 of 5 — ← Prev page 1 2 3 [4] 5  Next page →

Back to top | Article view | comp.sys.mac.misc

csiph-web