Windows 10: Storing passwords.

I use Lastpass password manager but I was wondering if it is a good or bad idea to store your passwords locally or probably better on an external drive? I've read that storing them in Onedrive is not a good idea as they could easily be accessed by someone unwanted...

Could you encrypt a backup of your passwords?

:)

 

storing passwords

Hi Barbara,

Storing passwords in Windows lets you automatically enter saved user names and passwords for various network resources, servers, websites, and applications, to authenticate yourself. To help you on how to remember the password for Windows 10, you may follow
the steps from this link: Remember passwords
in Microsoft Edge

Let us know if you need further assistance.

 

storing passwords

Jenicel Dri, who responded to my question did not help. It made me think she did not READ my question and just sent some boilerplate text that had at least one word that matched one word in my question.

I hope the technician felt proud that at least she logged in one more technical support answer irregardless of whether it actually addressed my problem or not.

Then, to make things worse she replied to a mailbox that I could not reply to. Nothing more annoying when seeking technical support to know that it is only a one way street: YOUR WAY, not your customer's way.

Bill Gates has earned billions and billions of dollars - and great he is out there feeding the starving, instead of supporting the products for the customers that paid him those billions.

In addition, I was sent another email begging me for kudos for the support rep. Gee they would let me reply to that but not to the rep to let them know they misunderstood the problem.

 

I use Lastpass myself, they encrypt their data but like anything online there's an element of risk. Same could be argued for written down passwords, burgler enters house and finds your passwords and steals your computer. May be he wouldn't have considered stealing the computer until he saw the password book.

OneDrive is not geared towards password storage.

Lastpass has rescued me numerous times.

 

Hi there

Storing passwords anywhere carries an element of Risk -- if it's online you have the possibility of LOSS as well as Hacking.

Actually - I know security people will hate this - but for HOME users a bit of LOW tech probably is the best here -- (I know most people under the age of about 27 will probably not have a clue what I am saying) Simply write them down on a piece of paper / notebook and store it in a safe place.

If anybody does break in and steals the notebook - you'll have much more to worry about than lost passwords after a visit from "an uninvited guest".

I just don't like the idea of sharing sensitive information with 3rd parties - however secure they say they are.

I believe the only set of computers that have never been hacked from the Outside were IBM mainframes using their RACF (Resource Access Control Facility). Totally different from PC's etc and even current Network servers. !!!

For people who might be interested :

Resource Access Control Facility - Wikipedia, the free encyclopedia

Cheers
jimbo

 

You can encrypt anything as many times as you want and then store it anywhere.
Lastpass backup should be already encrypted, but you can additionally use 7-zip.

How to encrypt ZIP files securely using 7Zip

I prefer to backup offline and use an offline password manager like KeePass, but that is a matter of choice.

 

Hi there

using these sorts of ONLINE services misses the point. IMO as the previous poster says using OFFLINE methods is far more sensible. If you though use an electronic device you still have the problem if the device fails.

Against the ONLINE stuff :

1) presumably you STILL need a password to access this data --so what happens if you forget it.
2) If the server is down and you need the data - then you are also HOSED -- no point saying these servers never go down --even the "Mighty Google" has had outages - and not so long ago either.
3) Some of these servers can be seized by FBI or whatever if people store "dubious content" on them.
4) Intelligence / Security agencies world wide can get access to this data "In the Interests of National Security" --catchall phrase in loads of jurisdictions but I don't think there are many Court cases explaining exctly what that is.
5) Hack possibilty,.

I might be an old Dinosaur but I think the Pen and Paper method trumps online services by MILES and also in the event of Local device failure you still can recover your passwords when you repair the device or install a new one.

As for encryption -- a good idea but people usually forget that you STILL have to enter a password in Plaintext even if it is encrypted before access is granted to your service.

Cheers
jimbo

 

storing your passwords onto your notebook paper is much safer than software, and this is the fact.

 

That is a good about Keepass, it enters passwords randomly, so a keylogger would only catch characters, not the password. Opening Keepass can also by done on a secure desktop and it clears a clipboard after copy/paste.

Two-Channel Auto-Type Obfuscation - KeePass

 

Hi there

you still IMO haven't understood the real problem.

If a keylogger captures your Entry it can use that to enter into your account so you are hosed whatever the real / final encryption methods are used.

What's the difference between me and anybody else replying to a Username / Password prompt -- you still have to enter these in Plaintext which is possible to capture by hackers --especially if you are mad enough to logon via Wifi --any even beginning Engineer knows about Data analysers -- any old school engineer can MAKE one of these for a few dollars - all it needs to do if you use Wifi is just capture the Wireless signal coming from your Wifi card --Router encryption occurs AFTER this - and of course plenty of cheap commercial products available too.

It's not always HOW the data is stored - but your LOGON method -- and this stuff is ALWAYS at your keyboard entered in Plaintext.

A decent way IMO far safer - nobody has come out with one yet --would be to have the encryption built in to THE KEYBOARD so although you enter PLAINTEXT any data transmission or keyloggers would get scrambled data. I haven't seen this type of device yet --

Hi youngsters you could make serious money if you could build a decent security system built into a keyboard !!!.

Cheers
jimbo

 

As I said, Keepass does not enter the real password, so hackers would have to guess the real one.

Lets say you have a password: "Password123", Keepass would enter it like this: "s2o3Pasrd1w".

 

And --if exactly the the same data that YOU entered was being captured what difference would it make. If I replicated your data entry exactly - Keys of the kingdom are opened.

Cheers
jimbo.

 

Do you have any idea, how long it would take to calculate the password, even if you know the characters? Impossible. *Nerd

 

i use lastpass on all my browsers that support it. its an excellent password manager.

 

Hi there

You've mis-understood the whole concept

You don't need to calculate / hack the password -- you've got the key info that the user types in in Plain text-- that is transmitted to the application.

You need to go to "Hacking School class 101" !!!!!!. Also read up if you are using wifi what a Data analyser can do --simple basic Engineering - if anybody studies that any more.

Not trying to be aggro here but a lot of stuff we thought was SIMPLE in the 1980's seems to be forgotten these days --for example you can make a Phone jammer by simply creating for a few cents a White noise 2.4 / 5 GHZ Oscillator generator -- but I'll bet zillions of people haven't a clue about how to make one. !!! Mobile phone signals - microwatts -- a 5mw (milliwatts -- many times bigger than the average mobile phone signal) device about the size of a 10 pack cigarette packet with a 9V battery will KILL any phone reception for about 100 metres !!!!!. All you need is a simple Inductor and a capacitor plus use the "magic Formula" --

To start you off -- here's a Wiki article - but it's high School physics 101.

(Don't underrate us old fashioned Engineers just yet !!!).

LC circuit - Wikipedia, the free encyclopedia

Cheers
jimbo