Should I allow google to manage my passwords? Do you?
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
absolutely NO to me...
diligent hands rule....
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
I'm just sooo tired of thinking about elephanting passwords.
CI/CD = Continuous Impediment/Continuous Despair
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
I'm never logged in to Google, but use Chrome's pwd manager (on my Windows box) to manage my passwords and credit card information. As I understand, this data is local to my PC. /ravi
My new year resolution: 2048 x 1536 Home | Articles | My .NET bits | Freeware ravib(at)ravib(dot)com
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
I have no worry at all with Google managing my passwords. They have been doing a fine job all these years, with no security breaches that I am aware of with my accounts. All of my financial sites, and most sites that I pay money on, require 2FA. So, even if my password is compromised, they still can't get in. You know, you can always keep your passwords under the mattress. Just saying.
-
I have no worry at all with Google managing my passwords. They have been doing a fine job all these years, with no security breaches that I am aware of with my accounts. All of my financial sites, and most sites that I pay money on, require 2FA. So, even if my password is compromised, they still can't get in. You know, you can always keep your passwords under the mattress. Just saying.
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
Google isn't quite Facebook when it comes to privacy scandals (and to make things more spicy, Facebook announced homomorphically analyzing encrypted user communication to target ads), but they're not that far behind, including Google insiders stating that location privacy settings on Android are obtuse on purpose to trick people into not disabling location tracking. My point is, I suggest not to trust Google. At all. Their "don't be evil" motto has been a hollow shadow 10 years ago and there's no reason to assume things would get any better.
-
I don't use Chrome. I do use Edge and let MS manage and sync my passwords. Edge also alerts me when a userid/password combination has been discovered on the dark web.
-
Actually, The APT17 group via shared international tooling performed Operation Aurora[^] a which penetrated Google along with a myriad of other national assets.
and yet, my username and passwords have not been compromised. By law, Google would have to notify me if they were. I have yet to receive any such notification.
-
I'm never logged in to Google, but use Chrome's pwd manager (on my Windows box) to manage my passwords and credit card information. As I understand, this data is local to my PC. /ravi
My new year resolution: 2048 x 1536 Home | Articles | My .NET bits | Freeware ravib(at)ravib(dot)com
Ravi Bhavnani wrote:
As I understand, this data is local to my PC.
Google / Chrome and only local in PC... do you really believe it? :rolleyes:
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
and yet, my username and passwords have not been compromised. By law, Google would have to notify me if they were. I have yet to receive any such notification.
Slacker007 wrote:
By law, Google would have to notify me if they were. I have yet to receive any such notification.
Yas if they always do what law says... :rolleyes:
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
Slacker007 wrote:
By law, Google would have to notify me if they were. I have yet to receive any such notification.
Yas if they always do what law says... :rolleyes:
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
now you are reaching.
-
Ravi Bhavnani wrote:
As I understand, this data is local to my PC.
Google / Chrome and only local in PC... do you really believe it? :rolleyes:
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
Like I said, you can always keep your passwords under your mattress.
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
Use the browsers manager for basic websites, say codeproject, and 1Password for everything else, it's never been hacked, and will protect your stuff better than you can. There are so many websites, the totally undisputed best thing you can do, is use a different password on each one. I can't remember them, so 1Password does.
-
I use Keepass and I could not be more pleased with it. I do not trust Google as far as I could throw a Sherman tank.
Zaphod
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
I use Keepass, but have been wondering if it is a good idea. It is open-source, so couldn't someone motivated just gt the code to decrypt it and bust any keepass database?
-
Use the browsers manager for basic websites, say codeproject, and 1Password for everything else, it's never been hacked, and will protect your stuff better than you can. There are so many websites, the totally undisputed best thing you can do, is use a different password on each one. I can't remember them, so 1Password does.
I also use 1Password. It defaults at 20 characters but you can set it longer or shorter and tell it to include dashes, hyphens and characters. I've had problems because of the website (doesn't allow underscores or something similar) but not with the 1Password program. I don't trust Google, I'm not sure about FireFox, and at times I've heard bad things about most pay password managers, but a lot of that is that people don't like the re-occurring cost. I don't either, but I don't want to try writing something myself and my only real option other than a manager is to write it down, even though I'm not supposed to. And I still need to come up with a unique password myself that doesn't violate whatever rules that site/program requires. There are probably other good managers out there, so pick one. That's the path I would advise- find a dedicated password program that isn't owned by a company whose primary business is selling your information.
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
Maybe I'm thinking old-school and this has been mitigated, but... Isn't the browser's password manager running in, well, the same process space as the browser itself? Doesn't that mean that a running plug-in is just a buffer overflow away from being able to access any memory the browser has access to, including that of its password manager...?
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
I use both Keepass and allow Google to store passwords, at both work and at home. A few reasons why: * My corporate IT Security department is about as security crazy as you are (which is not necessarily bad). They recommend we use Keepass. * I use a different password for every website. * Keepass is my local store for passwords I really care about. Google is for convenience for throw-away websites. * Many websites have no personal info on me (just an email address). * I have a throw-away email address I use for sites that are suspect or I don't expect to use again. * Many websites are throw-away sites. I need to log in once for some specific reason and might never go back there. * Except for a few financial-based websites, I don't care if it gets hacked. It won't impact my life or access to other websites. * Why? Most info that people think is private is actually very public and has been long before the digital age. Just my 2 cents.
Bond Keep all things as simple as possible, but no simpler. -said someone, somewhere
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
This is my personal opinion, but I would suggest to stay away from Google. I just can't trust them. Remember what was discovered about the Private mode on Chrome . . . well they were still tracking you :mad:. I will not say more.
Gilles Plante
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
NO, perhaps and yet. NO! I have three levels of passwords ok four. Level 1 - the password that I throw away. I have like three of these depending upon my mood. My kids know them. Friends know them. I don't really give them out. But I don't care if Google knows them. For when I login to stupid areas of the web. Places that want a password that really I am like why??? Level 2 - Semi secure. I don't let Google or anyone know these. They follow a basic formula that I have in my head. I can "guess" what my password user combination is just based upon which website I am at. for instance. Facebook has a combination of fb in the string of characters that I use. My son and Daughter have figured out this code. The dear wife has not. funny that. Level 3 - Work password. Different than anything else. not related. Only in my head. Level 4 - Banking only the Dear Lady knows this password. Updated on occasion. Written down in an envelop stored in the gun safe that only my lady and I know the combination. I should add this works for me. Also, since I own my own domain. I frequently signup with email addresses off the top of my head like. thisbusinessname@mydomain.com For example bestbuy@mydomain.com I can then easily tell who is selling my information. And I always use the level 1 passwords at that time. I never really have to write down a password this way. except for Level 4.
To err is human to really elephant it up you need a computer