He doesn't generate his own passwords

>he doesn't generate his own passwords
>he uses the same password on more than one program or website
>doesn't use a password database

How do you live, Sup Forums?

Other urls found in this thread:

blog.lastpass.com/2015/06/lastpass-security-notice.html/
twitter.com/SFWRedditVideos

>having one password to all of your passwords
At face value, this seems like an absolutely retarded idea.

It would be if the passwords were accessible by anyone but you.

That would be a problem if anyone could access your database to begin with.

My keepass2 database is held on a flash drive on my keys, in an encrypted partition with a backup on my desktop at home, also stored similarly.

I used lastpass for a while until Linux Action Show disowned it for security reasons. They used to be a sponsor until recently. Keepass1/2 are way more secure.

Remember that people spreading malware are always in it for the money. Keylogging your services doesnt earn that much anymore in the days of every service promoting 2-factor auth.

>I used lastpass for a while until Linux Action Show disowned it for security reasons.

LAS disowned it because lastpass was hacked into and had tons of encrypted user information taken.

blog.lastpass.com/2015/06/lastpass-security-notice.html/

NEVER trust online password managers, even Mozilla, even Google.

i have a simple website with form and javascript that takes the input and makes a md5 of it, then i add some personal letters, always the same ones, and use this whole thing as a password. I put there the domain name of the web i want to use the password to. This way :
> I dont know any of my password
> There aren't stored anywhere as they are calculated upon need
> Noone can threaten me to open webpage in few seconds
> I can store the webpage offline for paranoia reasons
> can access it from anywhere
> my personal string put after the calculated string is still prviate even if anyone would discover the method
> if i lost it or dont have access to this page in particular, i can pretty much replicate the md5 algorythm using anything else

I write my passwords on a piece of paper and keep it in my room

Who here has there keepass database stored in the cloud?

who here uses the wrong their?

Am I the only one able to remember all of his passwords?

Please, my password is secure enough. It has 6 letters and 1 number.

I run an owncloud, but still keep it off my network. Keep that shit off of the web.

>tfw use 'password' as password
>tfw add Unicode character at the end
>tfw literally no one will be able to hack me because literally no one, not even NSA, bothers including Unicode characters when bruteforcing

>house fire
>both your usb and hdd burn to ashes

Good idea

>be me
>use one password for every service
>one of them fucks up and i get a warning from my mail provider that some russian tried to log into my account
>i had to change every single password for every single account on every single website that i was using

This was the moment I started using a password manager, and unique users and passwords for everything. Do you see the benefit?

wow, you need to be wrenched son

Better keep a backup piece of paper somewhere. Fire is a mean bitch sometimes.

>i used to be really retarded
>now im only semi retarded

>>now im only semi retarded
Explain your flawless solution then. Note that I didn't claim that using a password manager was flawless, I responded to a very specific statement.

>house fire

...My keys are always on me if I'm not at home. I cannot lock my door without taking my keys.

All the security professionals write down their passwords in a notebook and keep them at home. If somebody breaks into your house they're not going to go through your drawers stealing your notebooks. The only downside is that you would have to recover all your passwords if there was a fire or something and it burned, but that wouldn't take that long, and what are the chances of that happening anyway.

And how would this be safer than storing them in an encrypted file?

>All the security professionals write down their passwords in a notebook and keep them at home.

Unless reality can encrypt written word, I'd call your post bullshit. No one is going to keep their life in the hands of an easily-legible notebook.

Because you're plugging into your computer you dumb pajeet, are you fucking serious? A single key logger or RAT on your device when you mount it and your life is fucked.

inb4 but I-Im sm-smurt I dont download things!
All it takes is another zeroday like those java drive ways that were so popular a few years ago.

Implying a RAT wouldn't get your handwritten passwords when you type them, retard

Yeah, that sounds reasonable. My life wouldn't be fucked because of someone accessing my normie shit though.

No reason to go into an autistic fit though, I simply asked a question.

A RAT wouldn't get all your passwords when you type one in you fucking idiot, off yourself. With a password manager it would.

>I'll only ever type one password during the lifetime of whatever malware is on my PC

This is the worst idea for password management ever

USE KEYFILES

I do exactly this. Except I'm not a security nerd who logs out of sites every session.

Are the browser addons for Keepass reliable?

Got my database on Dropbox, my key on my hard drive, and my master password in my head.

>not using the old something you have something you know mentality
>ISH...