Which password manager do you use for your MacBook Pro?

xShane · Jan 28, 2013

mslide said:
Actually, that's probably one of the more insecure ways to do it. Humans are not nearly as unique/creative as we think we are especially when it comes to creating passwords. Not to mention how easy it is for modern computers, loaded with GPUs, to crack "secure" passwords.

I'll take a password manager, governed by a master password that was truly generated in a random fashion by me, over my head any day.

Except for the fact it's not truly generated in a random fashion.

ybz90 · Jan 28, 2013

xShane said:
You just (basically) criticized me for a "rude attempt" to ridicule you, yet to turn around and do the same thing. Practice what you preach, huh?

Anyhow, back to the main point. The OP asked for a password manager, and I suggested a reasonable one. He doesn't have to use my suggestion -- it is merely a suggestion. Chances are, he's not going to acquire all the other suggestions, either. You instantly jumped and attacked me, first.

For obvious reasons, I'm not going to disclose how I mentally manage or create my passwords.

It's not wise to put all of your eggs in one basket, or in other words, all of your passwords in one application. What if your password storing application is compromised. Oops, I guess all of your stored passwords are in trouble.

Furthermore, the program's algorithm that generates your passwords could in theory be reverse engineered. And don't give me this "random" BS. It's not truly random.

Mine was not a personal attack; I attacked the content of your message, which I do not think is helpful at all to the OP, not your character, intelligence or person. As for your counterpoints, they are valid in the sense that no solution is perfect, but the cons involved in using something like 1Password, especially for the OP's case, is better than the alternatives, including the one you suggested.

And to be fair, let's be honest, it's not really a reasonable suggestion. Unless you disclose your mental organization strategy, it isn't very useful for the OP, now is it? To me, the reasons for not disclosing password management/creation are not obvious, unless they are formulaic and can easily lead to your own actual passwords, in which case, I don't see how it's better than pseudo-random password generation. Or maybe they don't exist. Just saying.

The fact is, what you suggested really isn't useful to the OP. That's my problem with it. I attacked your post because it is harmful advice. Maybe it works for you, but without knowing how you do it, it won't work for 99% of people out there (maybe it won't even work for most people even if the knew how you do it, which you aren't disclosing anyway), and as such, it constitutes really horrible advice. The average person who sees your post and takes your advice won't do your magical, fancy pants mental algorithms, and will leave themselves susceptible to password theft.

You basically said: Do X, which requires doing Y or else it will totally stupid. I'm not telling you Y though.

----------

xShane said:
Except for the fact it's not truly generated in a random fashion.

No machine random generators are truly random, but the human mind certainly is not either, and reverse engineering the generator shouldn't be a problem as the hacker would not know any of the information regarding seeds, when it was generated, possible hardware specific identifiers, etc that may or may not be required in the algorithm.

----------

xShane said:
*You* can't be serious. A notepad doc? Seriously?

I'll agree with you here. A physical notepad is probably the worst thing to do. (edit: digital is pretty bad too).

mslide · Jan 28, 2013

xShane said:
Except for the fact it's not truly generated in a random fashion.

Are you referring to my claim that my master password was generated in a random fashion? It was indeed. I did not use a computer to generate it. Nor did I use a long phrase, sentence, etc. I used a dice to generate it. I'm about as anal and paranoid as you can get when it comes to generating a master password.

xShane · Jan 28, 2013

ybz90 said:
Mine was not a personal attack; I attacked the content of your message, which I do not think is helpful at all to the OP, not your character, intelligence or person. As for your counterpoints, they are valid in the sense that no solution is perfect, but the cons involved in using something like 1Password, especially for the OP's case, is better than the alternatives, including the one you suggested.

And to be fair, let's be honest, it's not really a reasonable suggestion. Unless you disclose your mental organization strategy, it isn't very useful for the OP, now is it? To me, the reasons for not disclosing password management/creation are not obvious, unless they are formulaic and can easily lead to your own actual passwords, in which case, I don't see how it's better than pseudo-random password generation. Or maybe they don't exist. Just saying.

The fact is, what you suggested really isn't useful to the OP. That's my problem with it. I attacked your post because it is harmful advice. Maybe it works for you, but without knowing how you do it, it won't work for 99% of people out there (maybe it won't even work for most people even if the knew how you do it, which you aren't disclosing anyway), and as such, it constitutes really horrible advice. The average person who sees your post and takes your advice won't do your magical, fancy pants mental algorithms, and will leave themselves susceptible to password theft.

You basically said: Do X, which requires doing Y or else it will totally stupid. I'm not telling you Y though.

----------

No machine random generators are truly random, but the human mind certainly is not either, and reverse engineering the generator shouldn't be a problem as the hacker would not know any of the information regarding seeds, when it was generated, possible hardware specific identifiers, etc that may or may not be required in the algorithm.

----------

I'll agree with you here. A physical notepad is probably the worst thing to do. (edit: digital is pretty bad too).

You're probably right -- without a good understanding of how to create your own passwords so that they are secure, creating passwords on your own probably isn't that reliable. But that was beyond the scope of the OP's requests. I was assuming he/she is a fairly intellectual individual, and such, I was only recommending how to store their passwords, not how to create them.

----------

mslide said:
Are you referring to my claim that my master password was generated in a random fashion? It was indeed. I did not use a computer to generate it. Nor did I use a long phrase, sentence, etc. I used a dice to generate it. I'm about as anal and paranoid as you can get when it comes to generating a master password.

Okay, I apologize for assuming. I thought that you meant you used a program to generate your master password

ybz90 · Jan 28, 2013

xShane said:
You're probably right -- without a good understanding of how to create your own passwords so that they are secure, creating passwords on your own probably isn't that reliable. But that was beyond the scope of the OP's requests. I was assuming he/she is a fairly intellectual individual, and such, I was only recommending how to store their passwords, not how to create them.

Fair enough, I admit I do not know your particular needs or usage scenario, so perhaps it was unfair for me to judge your case based on my own.

xShane · Jan 28, 2013

ybz90 said:
Fair enough, I admit I do not know your particular needs or usage scenario, so perhaps it was unfair for me to judge your case based on my own.

Then it sounds like we have come to a fair conclusion.

I'm sorry for personally attacking you, as it wasn't right for me to do so. I only intended to suggest a solution as a possible password manager. I do not believe current password managing software is truly secure. Is it more secure than how an individual creates and stores there password in their head? That's an entirely different debate in its own right.

SupadudeX · Jan 28, 2013

Spink10 said:
Do you use it on iOS? Haven't decided if it is worth it for $1 a month. Im cheap!

----------

Do you use for iOS?

I just use the free version. Haven't tried it on iOS.

CarreraGuy · Jan 29, 2013

Lastpass...it's free but paid version gives you mobile and yubikey support.

Steve Gibson @grc gave it his complete run through and thumbs up.

And if you're super secure check out their grid feature - (one flavor of their second factor authentication) so God forbid someone gets your master password they would also need your grid. You can also disable the grid for certain devices.

They also have LastPass pocket if you want everything offline.

Search

Search

Which password manager do you use for your MacBook Pro?

xShane

macrumors 6502a

ybz90

macrumors 6502a

mslide

macrumors 6502a

xShane

macrumors 6502a

ybz90

macrumors 6502a

xShane

macrumors 6502a

SupadudeX

macrumors member

CarreraGuy

macrumors regular

Our Staff