Thank you for buying via links and ads on this site,
which earn me advertising fees or commissions.
As an Amazon Associate I earn from qualifying purchases.

Other World Computing...
B&H Photo...
Amazon
As an Amazon Associate I earn from qualifying purchases.
Capacities up to 56TB and speeds up to 1527MB/s
877-865-7002
Today’s Deal Zone Items... Handpicked deals...
$155 $100
SAVE $55

$2198 $1998
SAVE $200

$1799 $1599
SAVE $200

$999 $779
SAVE $220

$1299 $949
SAVE $350

$799 $549
SAVE $250

$1499 $999
SAVE $500

$799 $549
SAVE $250

$2797 $2497
SAVE $300

$1997 $1797
SAVE $200

$549 $499
SAVE $50

$1699 $949
SAVE $750

$240 $175
SAVE $65

$3399 $2699
SAVE $700

$1100 $880
SAVE $220

Password Managers (General)

2014-10-14 - Send Feedback
Related: how-to, passphrase, security

MPG strongly recommends use of a password manager as both more convenient and far more secure than the de-facto practices used by most:

  • Weak passwords (bad!): easy to guess/compromise, but also easy to remember and enter, which accounts for the popularity of passwords like using a dog’s name (“lassie”), or birthday (june29) or “12345” or a favorite movie (“BladeRunner”). See Toward Better Master Passwords.
  • Password re-use: using a password for more than one web site. This is very real danger yet many users do so. It is particularly risky given that many web sites continue to store plaintext (unencrypted/unhashed) passwords in web-accessible areas, a negligent practice.
  • Mobile devices: mobile devices strongly encourage weak passwords by making it tedious to use mixed case and letters and symbols.
1Password: web site logins

Many risks abound in accessing web sites, here is a simplified sampler:

  • Low quality passwords that can be discovered via dictionary or brute force attacks, especially if there are no protections against rapid and repeated login attempts.
  • Negligent web sites that store passwords in the “clear” (rather than one-way hashes).
  • Compromise of a password used for multiple purposes exposes a user to risks everywhere the password is used.
  • Insecure WiFi nodes or similar, where hackers can pretend to be the real web site, capturing passwords without being noticed.

Password are a real headache for most of us: good passwords are tedious to type and hard to enter without errors, and good ones are hard to remember. Moreover, the job is even more tedious with mobile devices like iPhone, where mixed-case requires extra steps to toggle between upper/lower case and punctuation/numbers—a strong incentive to use a low quality (awful) password consisting of lower-case letters or similar.

Password managers

Your author worked as a software engineer in security for a time—PGP, having implemented an encrypting driver for Mac OS, and managed a team of engineers there.

Password managers lock up passwords with one “master” password. Some have been awkward to use, and some have had their own security flaws and as a result your author had been reluctant to use a password manager.

But after some use and study of Agile Bits 1Password, MPG uses 1Password, and now strongly recommends 1Password to readers (other competing programs have not been evaluated and MPG makes no pro or con statement on them).

View all handpicked deals...

Sony FE 24-70mm f/2.8 GM Lens
$2198 $1998
SAVE $200

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__