Computer Software > Security

Vulnerabilities in LastPass Chrome and Firefox add-ons

<< < (2/3) > >>

sevenlayermuddle:
One tactic of my own is to refuse, as far as possible, to use websites that require setting up of an account, with another password to remember.

For example, I pay my utility bills via 'pay by phone', it is cumersome, but avoids yet another password.   Couple of weeks ago I bought a railcard, and did so face to face at a station ticket booth, even though it would have been less bother (and cheaper) to just set up an online account - as that would have meant another password.

Where passwords cannot be avoided then actually I believe simpler and more easily remembered passwords, even with carefully considered duplication,  are often (not always) more secure than long and complex ones, since the long and complex ones tend to need writing down - either on paper or in a password manager.

jelv:

--- Quote from: ejs on March 22, 2017, 07:47:37 PM ---Or they have their own solution that works for them, which could be using their browser's built-in password storage, and/or saving the passwords to a file. Quite a lot of the passwords I wouldn't consider to be particularly important anyway.

--- End quote ---

Both of which would be way, way, way less secure than using a password manager where the whole file is encrypted!

Chrysalis:
keeppass is in a different league to browser based password managers.  The level of possible risk is completely on another level.

I trust browser built in password managers more than addons as the likes of google are going to be able to embed it in the browser much more efficiently than 3rd party developers and also likely have better developers. Same with mozilla. With that said, for certain sites I dont even use the browser inclusive manager, I tell it to not remember on sites like banks and paypal, for those I just use keeppass.

jelv:
@sevenlayermuddle

I can sympathise with the avoidance tactic!

ejs:

--- Quote from: jelv on March 22, 2017, 08:36:33 PM ---Both of which would be way, way, way less secure than using a password manager where the whole file is encrypted!

--- End quote ---

That's true, but it depends on what you want it to be secure against.

Firefox does have the facility to set a master password for its stored passwords.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version