what password manager should i use? I'm using 1password
what password manager should i use? I'm using 1password right now but my trials up
Your head
My own memory.
Keepass. Or LastPass if you can tolerate cloud shit.
A pen and a pad.
Anything else, and you are just asking to be blown the fuck out one day.
I use KeePass for most thins and LastPass for sites I don't care about.
>using password managers
>not using password managers
Password reuse and insufficient complexity are the two biggest security problems with passwords, and password managers solve them both. Are all your passwords at least 16 random characters, containing letters, numbers, and symbols? Can you remember dozens of those? No? Are you writing them down? Good job giving the keys to your whole life away to anyone who happens to steal your wallet or find the post-it on your desk.
>Or LastPass if you can tolerate cloud shit.

>trusting "the cloud" with your passwords
>trusting a company who has already been breached
I hear good things about http://masterpasswordapp.com/

...though im using keepass.

Don't use cloud based password databases.
I've used one 16 character password with variations all my life and not once have I got it stolen or hacked.
>with variations
you know all the password-cracking software out there speaks l33t and tries those variants of everything in its database, right?
I have a 20 character password, where I sub !'s for ?'s, and so on. I have about 5 or 6 simple variations that I use everywhere. 10 years and counting. Submitting your passwords to a 3rd party company is absolutely moronic every way you slice it.

I refuse to be a good goy.
>Submitting your passwords to a 3rd party company is absolutely moronic every way you slice it.
I agree with you completely. That's why you don't. KeePass has no cloud features at all. Your password database is encrypted and stored in a file, which goes where, and only where, you put it, and is easy to back up.
keepassx beta 2
your brain
Open source, multi platform, free (as in beer), no botnet.
How do they make monies?
Common sense + brain works pretty good for me.
You can have a password like "CorePass + Derivation for every site"
money isn't everything for some people, anon.
So is it a maintained by one greasy nerds living in mom's basement? Nothing in this world is free. Office? Lights? Internet? Manpower? How do they pay for it all?
From whatever their day jobs are.
i mean you're assuming they dedicate all their time to this one project and don't have actual jobs while developing open source stuff on the side for fun.
what the fuck, how gnu are you?

fuck off proprietaryfag
>You can have a password like "CorePass + Derivation for every site"
You can, but it's pretty insecure.

> I sub !'s for ?'s, and so on. I have about 5 or 6 simple variations that I use everywhere.
That might make you feel better, but it's not that secure either.

It's probably run on donations and spare time. That's a pretty common model for smaller programs.
2 spooky 4 me
nothing wrong with a self-signed cert
let the webmaster know about letsencrypt anon, help support the project by contributing
Go ahead then, I don't even use the program.
Buy one password, it's the prime alpha
is this a joke?
>implying you can trust certificate authorities, or any authority.
what if i need to log into an account on another computer and i do not have my password manager??? what then?????
None of your passwords should be stored anywhere except in your head. Now if you will excuse me, I need to go back to trying to remember my e-mail password.
>logging in on untrusted machines

you deserve everything you get.
>is this a joke?
No, but plenty of CAs are.
Your brain.
this and this only

I only use Lastpass for anything not connected to my real identity or payment info. Everything else has it own unique password.

Fuck if i'm going to bother remember passwords for websites that don't have my real name or main email.
>Password reuse and insufficient complexity are the two biggest security problems with passwords
I fail to understand how insufficient complexity is a security shortcoming when it comes to passwords.

If someone is trying to guess my password, they'd sooner guess jd7qp!TRs than what I actually use. Just because my password uses real words doesn't make it easy to guess. There's a lot of real words to pick from and it's not like I'm using my birthday or anything. The biggest security shortcoming is making easy password reset questions.
not OP, but maybe you're misunderstanding by what they mean by complexity.

People simply use "123" as post or prefix to some common word and thing thats 'complex'
>digitally storing all of your passwords in one location
>what could go wrong?

no thanks. my brain works.
>not once have I got it stolen or hacked.
You mean, you have not yet noticed anyone fiddling with your accounts. Big difference.
>my brain works.
That reminds me of what that one kid said in middle school right before he got hit in the head with that baseball.

Famous last words.
