[Hidden-tech] Password Managers
Robin MacRostie
rmacrostie at gmail.com
Wed Aug 27 12:31:01 EDT 2014
LastPass
On Wed, Aug 27, 2014 at 7:07 AM, Chris Hart <email at chrishart.net> wrote:
> ** Be sure to fill out the survey/skills inventory in the member's area.
> ** If you did, we all thank you.
>
>
>
> Personally, I'm a big 1Password advocate. I've been using it for many
> years and like how robust/reliable it is. I also value the fact that the
> password "vault" is actually resident on my devices (it can be synced via
> cloud if you want — which I do take advantage of — but you don't have to
> put your data in the cloud if you don't want to). On Apple devices,
> 1Password can sync via iCloud or Dropbox. Your password vault is encrypted
> everywhere it lives — on your Mac, PC, smartphone, tablet, cloud service.
>
> 1Password is in contrast to some password managers that are entirely
> cloud-based — like LastPass — which don't necessarily give you full control
> over your data.
>
> It's worth noting that many "Password Managers" can be used for more than
> just passwords. You can keep secure notes about anything and everything
> you like (which I do) and several also let you store images of important
> documents (banking docs, drivers license, passport, birth cert, etc.).
> 1Password does all that.
>
> *Chris Hart*
>
> * Computer Support & Technology Consulting*
>
> * for Connecticut and Western Massachusetts*
>
> * Tel: 860-291-9393 <860-291-9393>*
>
> * http://www.MyMacTech.com <http://www.MyMacTech.com>*
>
> From: Rob Laporte <rob at 2disc.com>
> Date: Tuesday, August 26, 2014 at 1:12 PM
> To: Chris Hart <email at chrishart.net>, <
> Hidden-discuss at lists.hidden-tech.net>
> Subject: Re: [Hidden-tech] security audit of network and website
> properties
>
> Hi Chris and HTers,
>
> Great advice Chris, thank you. Any suggestions about which password
> manager is best amount 1Password, LastPass, DashLane, etc.? Or are they all
> pretty much as good as the other?
>
> Best Regards,
>
>
> *Rob Laporte*President and CEO
>
> *DISC, Inc. - "Making Web Sites Make Money"*413-584-6500
> Fax – 413-553-0745
> Rob at 2disc.com
> www.2disc.com
>
> Note: Increasingly, ISPs, companies and individuals use spam blocking
> systems that block legitimate email too. Important emails should be
> followed up with a phone call if no reply happens within an expected span
> of time.
>
>
>
>
> ------------------------------
> *From: *Chris Hart <email at chrishart.net>
> *Date: *Tue, 26 Aug 2014 10:10:08 -0400
> *To: *<Hidden-discuss at lists.hidden-tech.net>
> *Conversation: *security audit of network and website properties
> *Subject: *Re: [Hidden-tech] security audit of network and website
> properties
>
> ** Be sure to fill out the survey/skills inventory in the member's area.
> ** If you did, we all thank you.
>
>
> ------------------------------
>
> The number 1 suggestion I have for network and 'net security is to have
> good password practices:
> 1) using long, random passwords, that are unique for every single
> site/service/account
> 2) storing them in an encrypted password manager and nowhere else
> (1Password, LastPass, DashLane, etc.)
> 3) change the passwords once in a while
> - change critical passwords (like banking/financial) on a quarterly basis
> - any time someone leaves your company, change the codes that you know
> they had access to
>
> If you don't have strong password practices as a starting point, all the
> security in the world is worthless. And I can't tell you how many
> individuals and business I encounter who have lousy password habits and are
> making themselves vulnerable.
>
> And if others in the organization are responsible for establishing new /
> changing passwords sometimes, you should audit their passwords, too. I
> have seen many instances of the boss at a company pushing through my
> password practice recommendations to the staff, only to have the staff
> change the passwords back to something "easy" shortly thereafter. (Of
> course using password managers should negate the need for 'easy' passwords,
> but some people are stubborn and minimize the threats/risks in their head
> and talk themselves out of the need for strong passwords.)
>
>
> *Chris Hart*
>
> * Computer Support & Technology Consulting*
>
> * for Connecticut and Western Massachusetts*
>
> * Tel: 860-291-9393 <860-291-9393>*
>
> * http://www.MyMacTech.com <http://www.MyMacTech.com>*
>
>
>
> On 8/26/2014 7:48 AM, Rob Laporte wrote:
>
>
>
>
> This leads me to a new but related topic and question: are there network
> and security experts on this list? If so, I think it would be good to hear
> from them, for all our sakes. A security audit of network and website
> properties should probably be higher on most of our todo lists than it is.
>
> Best Regards,
>
>
> *Rob Laporte *President and CEO
>
> *DISC, Inc. - "Making Web Sites Make Money" *413-584-6500
> Fax – 413-553-0745
> Rob at 2disc.com
> www.2disc.com <http://www.2disc.com> <http://www.2disc.com>
>
>
> ------------------------------
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
>
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
>
--
Robin MacRostie
*CHOREO* Graphic Consulting and Design for Effective Marketing
413.461.6655
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20140827/e4412808/attachment.html
More information about the Hidden-discuss
mailing list