[Hidden-tech] Password Managers

Jeff Brand jeff at deltafactory.com
Wed Aug 27 09:06:47 EDT 2014
Previous message: [Hidden-tech] Password Managers
Next message: [Hidden-tech] Password Managers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Yes, LastPass incorporates the cloud sync functionality without the need 
for the other account (Dropbox, iCloud) though it's not "entirely 
cloud-based." As with 1Password, the database of passwords resides 
encrypted on each device and can be used in offline mode without 
requiring an active connection.

Details on offline support:
* https://lastpass.com/support.php?cmd=showfaq&id=956
* 
https://helpdesk.lastpass.com/password-manager-basics/your-lastpass-vault/offline-access-to-your-lastpass-vault/

LastPass on mobile devices costs $12/year, while desktop browser plugins 
are free. It also tracks multiple types of data beyond automating 
website logins and form-fills.

On 8/27/2014 7:07 AM, Chris Hart wrote:
>     ** Be sure to fill out the survey/skills inventory in the member's area.
>     ** If you did, we all thank you.
>
>
>
>
> Personally, I'm a big 1Password advocate.  I've been using it for many 
> years and like how robust/reliable it is.  I also value the fact that 
> the password "vault" is actually resident on my devices (it can be 
> synced via cloud if you want --- which I do take advantage of --- but 
> you don't have to put your data in the cloud if you don't want to). 
>  On Apple devices, 1Password can sync via iCloud or Dropbox.  Your 
> password vault is encrypted everywhere it lives --- on your Mac, PC, 
> smartphone, tablet, cloud service.
>
> 1Password is in contrast to some password managers that are entirely 
> cloud-based --- like LastPass --- which don't necessarily give you 
> full control over your data.
>
> It's worth noting that many "Password Managers" can be used for more 
> than just passwords.  You can keep secure notes about anything and 
> everything you like (which I do) and several also let you store images 
> of important documents (banking docs, drivers license, passport, birth 
> cert, etc.).  1Password does all that.
>
> /Chris Hart/
>
> //?/Computer Support & Technology Consulting/
>
> /      for Connecticut and Western Massachusetts/
>
> /          Tel: 860-291-9393/
>
> /              http://www.MyMacTech.com/
>
>
> From: Rob Laporte <rob at 2disc.com <mailto:rob at 2disc.com>>
> Date: Tuesday, August 26, 2014 at 1:12 PM
> To: Chris Hart <email at chrishart.net <mailto:email at chrishart.net>>, 
> <Hidden-discuss at lists.hidden-tech.net 
> <mailto:Hidden-discuss at lists.hidden-tech.net>>
> Subject: Re: [Hidden-tech] security audit of network and website 
> properties
>
> Re: [Hidden-tech] security audit of network and website properties
> Hi Chris and HTers,
>
> Great advice Chris, thank you. Any suggestions about which password 
> manager is best amount 1Password, LastPass, DashLane, etc.? Or are 
> they all pretty much as good as the other?
>
> Best Regards,
>
> *Rob Laporte
> *President and CEO
> *DISC, Inc. - "Making Web Sites Make Money"
> *413-584-6500
> Fax -- 413-553-0745
> Rob at 2disc.com <mailto:Rob at 2disc.com>
> www.2disc.com
>
> Note: Increasingly, ISPs, companies and individuals use spam blocking 
> systems that block legitimate email too. Important emails should be 
> followed up with a phone call if no reply happens within an expected 
> span of time.
>
>
>
>
> ------------------------------------------------------------------------
> *From: *Chris Hart <email at chrishart.net <mailto:email at chrishart.net>>
> *Date: *Tue, 26 Aug 2014 10:10:08 -0400
> *To: *<Hidden-discuss at lists.hidden-tech.net 
> <mailto:Hidden-discuss at lists.hidden-tech.net>>
> *Conversation: *security audit of network and website properties
> *Subject: *Re: [Hidden-tech] security audit of network and website 
> properties
>
>   ** Be sure to fill out the survey/skills inventory in the member's area.
>    ** If you did, we all thank you.
>
>
> ------------------------------------------------------------------------
>
> The number 1 suggestion I have for network and 'net security is to 
> have good password practices:
> 1) using long, random passwords, that are unique for every single 
> site/service/account
> 2) storing them in an encrypted password manager and nowhere else 
>  (1Password, LastPass, DashLane, etc.)
> 3) change the passwords once in a while
> - change critical passwords (like banking/financial) on a quarterly basis
> - any time someone leaves your company, change the codes that you know 
> they had access to
>
> If you don't have strong password practices as a starting point, all 
> the security in the world is worthless.  And I can't tell you how many 
> individuals and business I encounter who have lousy password habits 
> and are making themselves vulnerable.
>
> And if others in the organization are responsible for establishing new 
> / changing passwords sometimes, you should audit their passwords, too. 
>  I have seen many instances of the boss at a company pushing through 
> my password practice recommendations to the staff, only to have the 
> staff change the passwords back to something "easy" shortly 
> thereafter.  (Of course using password managers should negate the need 
> for 'easy' passwords, but some people are stubborn and minimize the 
> threats/risks in their head and talk themselves out of the need for 
> strong passwords.)
>
> /Chris Hart
> /
> //?/Computer Support & Technology Consulting
> /
> /       for Connecticut and Western Massachusetts
> /
> /           Tel: 860-291-9393
> /
> /http://www.MyMacTech.com
> /
>
>
>
>  On 8/26/2014 7:48 AM, Rob Laporte wrote:
>
>
>
>     This leads me to a new but related topic and question: are there
>     network and security experts on this list? If so, I think it would
>     be good to hear from them, for all our sakes. A security audit of
>     network and website properties should probably be higher on most
>     of our todo lists than it is.
>
>      Best Regards,
>
>     *Rob Laporte
>     *President and CEO
>     *DISC, Inc. - "Making Web Sites Make Money"
>     *413-584-6500
>      Fax -- 413-553-0745
>     Rob at 2disc.com <mailto:Rob at 2disc.com>
>      www.2disc.com <http://www.2disc.com> <http://www.2disc.com>
>
>
> ------------------------------------------------------------------------
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net 
> <mailto:Hidden-discuss at lists.hidden-tech.net>
>
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
>
>
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20140827/54bb22d1/attachment-0001.html
Previous message: [Hidden-tech] Password Managers
Next message: [Hidden-tech] Password Managers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Hidden-discuss mailing list