LastPass here.
Quote:
Originally Posted by PsYcNeT
Change all passwords to mnemonics.
Seriously though, password management software (to me) just seems like a really bad idea.
|
There are about 40 passwords that I need to know at any time, independent of a password management system. For these passwords a combination of anagrams and acronyms combined with reasonable but complex salting system allows me manage without much issue.
What about the other ~300, for random sites around the internet?
Password (partial or full) reuse, especially if you are entering a password into a system that you don't fully understand, is far more dangerous than having all your passwords in one location, that has secure crypto with 2 factor authentication.
You just need to look at the various password breaches in the last 12 months alone. Adobe, is a prime example. If Billy Bob site admin over at
www.bobshouseofabortionphotos.com stores my complex password in the clear, or without a salt, using 4 bit encryption, I can't control who gets a hold of that password. I need a password I can generate in 5 seconds, that I will never lose access to and is at least 16 random digits, and can throw away without a care in the world if it gets compromised.
That's what LastPass does for me.
It would do wonders for regular people, who decide that monkey123 is the password that gets used for everything, from their banking to their porn account.