Should I allow google to manage my passwords? Do you?
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
I use both Keepass and allow Google to store passwords, at both work and at home. A few reasons why: * My corporate IT Security department is about as security crazy as you are (which is not necessarily bad). They recommend we use Keepass. * I use a different password for every website. * Keepass is my local store for passwords I really care about. Google is for convenience for throw-away websites. * Many websites have no personal info on me (just an email address). * I have a throw-away email address I use for sites that are suspect or I don't expect to use again. * Many websites are throw-away sites. I need to log in once for some specific reason and might never go back there. * Except for a few financial-based websites, I don't care if it gets hacked. It won't impact my life or access to other websites. * Why? Most info that people think is private is actually very public and has been long before the digital age. Just my 2 cents.
Bond Keep all things as simple as possible, but no simpler. -said someone, somewhere
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
This is my personal opinion, but I would suggest to stay away from Google. I just can't trust them. Remember what was discovered about the Private mode on Chrome . . . well they were still tracking you :mad:. I will not say more.
Gilles Plante
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
NO, perhaps and yet. NO! I have three levels of passwords ok four. Level 1 - the password that I throw away. I have like three of these depending upon my mood. My kids know them. Friends know them. I don't really give them out. But I don't care if Google knows them. For when I login to stupid areas of the web. Places that want a password that really I am like why??? Level 2 - Semi secure. I don't let Google or anyone know these. They follow a basic formula that I have in my head. I can "guess" what my password user combination is just based upon which website I am at. for instance. Facebook has a combination of fb in the string of characters that I use. My son and Daughter have figured out this code. The dear wife has not. funny that. Level 3 - Work password. Different than anything else. not related. Only in my head. Level 4 - Banking only the Dear Lady knows this password. Updated on occasion. Written down in an envelop stored in the gun safe that only my lady and I know the combination. I should add this works for me. Also, since I own my own domain. I frequently signup with email addresses off the top of my head like. thisbusinessname@mydomain.com For example bestbuy@mydomain.com I can then easily tell who is selling my information. And I always use the level 1 passwords at that time. I never really have to write down a password this way. except for Level 4.
To err is human to really elephant it up you need a computer
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
I usage keepass and can't envision why should I give up it in favor of some shady corporation
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
Yes, I use Google. I have a hard copy file encrypted and I keep Google's password strong and updated. I figure it's no better or worse than LastPass or another manager. I hate the "all my eggs in one basket" but what's really the alternative? I have over 500 passwords and every single one is unique, long, and complicated. I can't remember 5 of them let alone 500. I have to have some manager to help with it.
-
Ravi Bhavnani wrote:
As I understand, this data is local to my PC.
Google / Chrome and only local in PC... do you really believe it? :rolleyes:
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
"I'll back that up to the cloud for you." -- Clippy
-
and yet, my username and passwords have not been compromised. By law, Google would have to notify me if they were. I have yet to receive any such notification.
How is Google or anyone else supposed to know what was stolen?
-
now you are reaching.
not really. Big corporations don't care about keeping user data safe - all I have to do is cite the dozens of breaches and the delayed "oops, we got hacked" announcement. I refer you to the Equifax case where they kept it under wraps for quite a long time. I guess I can see the efficacy of checking the dark web for accounts/passwords, but that means they have my account / password in the clear. Hmmm.
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
-
So, I manage my passwords locally - I've never really invested in a password manager, mainly because I JUST DON'T TRUST THEM. When I see terms and conditions that say, "If we get hacked and someone gets your passwords, we will pay you lots of money to compensate our error." When it comes to security, I'm paranoid. I prefer to manage it myself and not depend on other people. Looking at JSOP... Another example: Report: Amazon awarded secret $10B NSA cloud computing contract, Microsoft files protest - GeekWire[^] I have no idea why the NSA thinks this is a good idea. Maybe they aren't putting much interesting stuff up there, but still.... Sorry, ooo shiny I got distracted. So, I guess google has added something to chrome that will magically save all my passwords in their vault, and frankly, I think that's just creepy. Hell, they probably have them already now that I think about it. Comments?
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
I barely trust Google to be my search engine, and honestly most of it out of habit, so no, i don't trust my passwords to them. If you're super paranoid, you can use an open source password manager like KeePass, or if you want some more convenience something like Bitwarden, which can also be self hosted.
"Science fiction is any idea that occurs in the head and doesn’t exist yet, but soon will, and will change everything for everybody, and nothing will ever be the same again." Ray Bradbury
-
I'm never logged in to Google, but use Chrome's pwd manager (on my Windows box) to manage my passwords and credit card information. As I understand, this data is local to my PC. /ravi
My new year resolution: 2048 x 1536 Home | Articles | My .NET bits | Freeware ravib(at)ravib(dot)com
-
This is my personal opinion, but I would suggest to stay away from Google. I just can't trust them. Remember what was discovered about the Private mode on Chrome . . . well they were still tracking you :mad:. I will not say more.
Gilles Plante
Gilles Plante wrote:
Remember what was discovered about the Private mode on Chrome . . . well they were still tracking you
I don't think there was ever anything to be "discovered" there, except for the unwashed masses who don't know how a browser works (not that I blame them). And they make no bone about it...I've just launched an instance in incognito mode, and they do point out "Chrome won't save the following information:" vs "Your activity might still be visible to:"... Edge does the same, although their wording might be a little more user-friendly ("What InPrivate browsing does" vs "What InPrivate browsing doesn't do").
-
I barely trust Google to be my search engine, and honestly most of it out of habit, so no, i don't trust my passwords to them. If you're super paranoid, you can use an open source password manager like KeePass, or if you want some more convenience something like Bitwarden, which can also be self hosted.
"Science fiction is any idea that occurs in the head and doesn’t exist yet, but soon will, and will change everything for everybody, and nothing will ever be the same again." Ray Bradbury
-
Ravi Bhavnani wrote:
As I understand, this data is local to my PC.
Google / Chrome and only local in PC... do you really believe it? :rolleyes:
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
Nelek wrote:
do you really believe it?
Even with not being logged in to Google (and therefore it not knowing the user context)? :confused: /ravi
My new year resolution: 2048 x 1536 Home | Articles | My .NET bits | Freeware ravib(at)ravib(dot)com
-
Nelek wrote:
do you really believe it?
Even with not being logged in to Google (and therefore it not knowing the user context)? :confused: /ravi
My new year resolution: 2048 x 1536 Home | Articles | My .NET bits | Freeware ravib(at)ravib(dot)com
Have you ever been logged in to google in that computer? How many people log in to google in that machine? Do you use a gmail account? How often do you use it? Have you used it to register to some of the places that you manage with the password manager? How often do you clear the history, cookies and other stuff? They might know more than you think. Even without being 100% sure because you are not logged in, they could have a "good estimation".
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.