Wiping log-ins & passwords

2»

Comments

  • sunlund2311
    sunlund2311 Posts: 163 Forumite
    Part of the Furniture Combo Breaker
    Everybody has their favourite/hated browser. As far as personal/private security itsdown to the individual, BUT dont forget, save your passwords anywhere you are susceptible. Try using the hard drive in your head. Miscreants (posh eh?) would much prefer to find one password than half a dozen.

    Stay safe:)
    2017 WINS
    £500 ASDA Gift Cards
    2016 Wins
    Samsung S6, £50 Argos vouchers. £50 Mastercard, £50 John Lewis voucher and Pandora charm

    :A Thanks to All Posters & Good Luck :A
  • A.Penny.Saved
    A.Penny.Saved Posts: 1,832 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Combo Breaker
    mr_fishbulb wrote: »
    I use both Keepass and Lastpass. I agree Keepass is more secure as your data is not sitting on some webserver (although in Lastpass's case they say this info is encrypted and can only be accessed when you enter your password- but I would question the model they are using: I am able to log into the lastpass website and view my saved passwords, therefore the decryption is being performed on their servers and my cleartext passwords must sit on their infrastructure at least temporarily).

    However it is a trade-off between security and usability (as it always is). With Keepass you need to copy your username and password to the clipboard and then paste it into the browser (or use the autotype function). With lastpass it is all automated.

    On a sidenote Keepass is more secure when using autotype rather than copying and pasting passwords. When you copy a password it can be viewed in the clipbaord, whereas when using autotype it is less likely to be intercepted by keyloggers (see here).
    I very rarely use the clipboard with Firefox and when I do, autotype is the best method as it does split the data up and move the cursor around the field to re-construct it in an attempt to prevent keyloggers.

    I use Keyfox extension which auto fills fields for saved passwords and that doesn't use the clipboard. Keefox makes Keepass very secure and much easier to use once setup.

    LastPass might send the password over a SSL encrypted connection, I wouldn't expect it to send plain text passwords. But unless some measures are taken even that could be keylogged unless some keyboard encryption software is used. I use keyscrambler with Keepass to prevent keylogging of the master password.

    Keepass can store passwords on the internet but I don't need it and would never use it if I did because I would not take the slightest risk with my passwords no matter how remote the possibility.

    Keepass is freeware so it costs nothing to use. I think it should be in the list of recommended software on MSE, if it isn't already.

    Keepass Download
    Keepass V1 & V2 feature comparison (V1 doesn't require dotNet)
  • Dick_Turpin99
    Dick_Turpin99 Posts: 394 Forumite
    i just noticed that the "Trusteer Rapport" prog installed at the request of Natwest to prevent fraud via online banking offers to protect all my passwords now
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.1K Banking & Borrowing
  • 252.7K Reduce Debt & Boost Income
  • 453.1K Spending & Discounts
  • 243K Work, Benefits & Business
  • 597.4K Mortgages, Homes & Bills
  • 176.5K Life & Family
  • 256K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture