Password Manager Discussion.

BTW, today I noticed that I couldn't import my KeePass database from my desktop to my laptop. This probably means that the database is corrupted. This means that if something happened to my desktop, I would have lost all of my passwords! I decided right away to save my passwords in a text file, and I probably will need to encrypt it.

 

Has anyone tried Cyclonis Password Manager, their website looks pretty good.

https://www.cyclonis.com/nl/producten/cyclonis-password-manager/

 

I also use 1Password, but I don't pay the monthly subscription as for a long time there was a way to simply buy a perpetual license for it. I was either grandfathered, or it may still be possible to outright buy in some fashion if you know the secret handshake and website. I don't recall the particulars, but they make it tough to find... if its even still available as a perpetual license. If I recall, you can't use 1Password's cloud environment for Sync if you don't subscribe monthly; but you can still Sync through iCloud, Dropbox, or via local WiFi to other devices with 1Password... or you can select no Sync at all if you are worried about those mechanisms.

One cool thing about 1Password is that it supports 2FA and can often eliminate the need of a separate authenticator app. For example, if you enable 2FA on a site like Coinbase, it will provide a QR code that you scan with your authenticator app in order to setup the token generation. With 1Password, it will ask for access to your screen and will recognize the QR code itself and will automatically setup the token generation. From then on, you can just have 1Password provide the token when needed and you don't have to fiddle with an authenticator app on your smart phone. I'm not aware if very many of the other password managers provide this functionality.

I've also recently downloaded MacPass (a macOS KeePass-compatible password manager). I haven't switched over or anything, but will probably play around with it a bit and see how well it works for me.

 

That sounds kind of cool, that you don't need your smartphone anymore for 2FA with 1Password. And I have to say that I don't really like the standard GUI of MacPass, you see this type of GUI quite often on Macs.

 

I was looking for a replacement for KeePass and I decided to instal Enpass on Win 10 and I must say I like the design. It's very simply and it loads quite fast. Not a fan of the "new style" menu though. I also don't know yet if I will use the browser extension, but I'm planning to use it as a local password database, I don't think I will use the cloud. Now I will only have to import my KeePass database, let's hope it will work. Are there any Enpass fans out there?

https://www.enpass.io

 

Why are you replacing Keepass? I find it does the job fine for me.

 

It does the job, but it's not that nice looking, I wanted something more modern. Also, in the future I may want to use browser extensions and I have never been able to make KeePass work together with web browsers. The only problem is that Enpass won't install on Win 8.1, so I guess I need to do some updating. On Win 10 it works just fine.

 

BTW, I have just checked out SafeInCloud and it's pretty similar to Enpass, perhaps even better. But I'm not sure if it supports Vivaldi. And for the record, you don't actually have to use the cloud, you can also use it as a local password database.

https://www.softpedia.com/get/Security/Password-Managers-Generators/Safe-In-Cloud.shtml

 

Buttercup password manager gets upgraded to version 2.0 for Windows, macOS and Linux
April 18, 2021
https://www.ghacks.net/2021/04/18/b...d-to-version-2-0-for-windows-macos-and-linux/

 

1Password releases full-featured desktop app for Linux

1Password has launched a full-featured desktop app for Linux, providing users with the ability to secure credentials across devices from the same 1Password app.

https://www.helpnetsecurity.com/2021/05/18/1password-linux-app/

 

Wow no way, @Mrkvonic is gonna explode so hard!

 

And they are (again) giving back to the Open Source community (free Teams accounts):

https://github.com/1Password/1password-teams-open-source

 

Is it true that LastPass doesn't offer a desktop app anymore? Also, about password managers in general, what if your master password gets hacked, then I guess it's game over, or can this also be secured via 2FA, like with a security key?

 

Yes there is 2FA. Idk about desktop I use browser extension.

 

Seems like you will have to pay for this, at least with LastPass. But also looks like LastPass is entirely cloud based, so this is no option for me. But I always wondered about this topic, because all of these passwords managers brag about that you will only need to remember one password, but if it gets stolen, hackers have access to ALL of your passwords, so now you have actually made things worse. So it's absolutely crucial that the master password is always protected with 2FA.

 

BTW, here is a good review:

https://www.tomsguide.com/us/best-password-managers,review-3785.html

 

2FA is available using the free version of LastPass:

https://www.lastpass.com/pricing/la...nced features,email support that's managed by

 

All someone really needs is your email password. If they get that they can lock you out of your email and then use the account to reset everything else.

 

Yes correct, but hardware security keys are not supported.

Good point, is it really this easy? So I guess your email is probably one of the most important accounts to protect. BTW, I saw that Yahoo Mail now supports security keys, but they are not listed on the Yubico site, does anyone know more about this?

 

I've known people that used their pet's name for an email password. If you set up your online banking to email that account and someone gets in they go to your bank and reset the password...

 

My dog's name is -3L:u:E)4C:ErskxvC@ZQ73d5*cK.

 

Luckily Europe's PSD2 directive requires banks to use 2FA:

https://www.infobip.com/blog/how-to-be-psd2-compliant-with-two-factor-authentication

 

Unfortunately a lot of 2FA is a code sent... to your email.

 

Speaking of password managers. Does anyone here use or has deployed one in an enterprise environment? Looking into this for work and am curious about what anyone here at Wilders has to say. Thanks!