[Hidden-tech] Password Managers
Chris Hart
email at chrishart.net
Wed Aug 27 07:07:24 EDT 2014
Personally, I'm a big 1Password advocate. I've been using it for many years
and like how robust/reliable it is. I also value the fact that the password
"vault" is actually resident on my devices (it can be synced via cloud if
you want ‹ which I do take advantage of ‹ but you don't have to put your
data in the cloud if you don't want to). On Apple devices, 1Password can
sync via iCloud or Dropbox. Your password vault is encrypted everywhere it
lives ‹ on your Mac, PC, smartphone, tablet, cloud service.
1Password is in contrast to some password managers that are entirely
cloud-based ‹ like LastPass ‹ which don't necessarily give you full control
over your data.
It's worth noting that many "Password Managers" can be used for more than
just passwords. You can keep secure notes about anything and everything you
like (which I do) and several also let you store images of important
documents (banking docs, drivers license, passport, birth cert, etc.).
1Password does all that.
Chris Hart
• Computer Support & Technology Consulting
for Connecticut and Western Massachusetts
Tel: 860-291-9393
http://www.MyMacTech.com
From: Rob Laporte <rob at 2disc.com>
Date: Tuesday, August 26, 2014 at 1:12 PM
To: Chris Hart <email at chrishart.net>,
<Hidden-discuss at lists.hidden-tech.net>
Subject: Re: [Hidden-tech] security audit of network and website properties
Re: [Hidden-tech] security audit of network and website properties
Hi Chris and HTers,
Great advice Chris, thank you. Any suggestions about which password manager
is best amount 1Password, LastPass, DashLane, etc.? Or are they all pretty
much as good as the other?
Best Regards,
Rob Laporte
President and CEO
DISC, Inc. - "Making Web Sites Make Money"
413-584-6500
Fax 413-553-0745
Rob at 2disc.com
www.2disc.com
Note: Increasingly, ISPs, companies and individuals use spam blocking
systems that block legitimate email too. Important emails should be followed
up with a phone call if no reply happens within an expected span of time.
From: Chris Hart <email at chrishart.net>
Date: Tue, 26 Aug 2014 10:10:08 -0400
To: <Hidden-discuss at lists.hidden-tech.net>
Conversation: security audit of network and website properties
Subject: Re: [Hidden-tech] security audit of network and website properties
** Be sure to fill out the survey/skills inventory in the member's area.
** If you did, we all thank you.
The number 1 suggestion I have for network and 'net security is to have good
password practices:
1) using long, random passwords, that are unique for every single
site/service/account
2) storing them in an encrypted password manager and nowhere else
(1Password, LastPass, DashLane, etc.)
3) change the passwords once in a while
- change critical passwords (like banking/financial) on a quarterly basis
- any time someone leaves your company, change the codes that you know they
had access to
If you don't have strong password practices as a starting point, all the
security in the world is worthless. And I can't tell you how many
individuals and business I encounter who have lousy password habits and are
making themselves vulnerable.
And if others in the organization are responsible for establishing new /
changing passwords sometimes, you should audit their passwords, too. I have
seen many instances of the boss at a company pushing through my password
practice recommendations to the staff, only to have the staff change the
passwords back to something "easy" shortly thereafter. (Of course using
password managers should negate the need for 'easy' passwords, but some
people are stubborn and minimize the threats/risks in their head and talk
themselves out of the need for strong passwords.)
Chris Hart
• Computer Support & Technology Consulting
for Connecticut and Western Massachusetts
Tel: 860-291-9393
http://www.MyMacTech.com
On 8/26/2014 7:48 AM, Rob Laporte wrote:
> This leads me to a new but related topic and question: are there network and
> security experts on this list? If so, I think it would be good to hear from
> them, for all our sakes. A security audit of network and website properties
> should probably be higher on most of our todo lists than it is.
>
> Best Regards,
>
> Rob Laporte
> President and CEO
> DISC, Inc. - "Making Web Sites Make Money"
> 413-584-6500
> Fax 413-553-0745
> Rob at 2disc.com
> www.2disc.com <http://www.2disc.com>
>
_______________________________________________
Hidden-discuss mailing list - home page: http://www.hidden-tech.net
Hidden-discuss at lists.hidden-tech.net
You are receiving this because you are on the Hidden-Tech Discussion list.
If you would like to change your list preferences, Go to the Members
page on the Hidden Tech Web site.
http://www.hidden-tech.net/members
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20140827/00fda40a/attachment.html
More information about the Hidden-discuss
mailing list