Should You Be Using a Password Manager?
Vložit
- čas přidán 15. 11. 2020
- Follow for weekly cybersecurity videos!
Business Insider on Password Managers: www.businessinsider.com/are-p....
LastPass: www.lastpass.com/password-man...
KeePass: keepass.info/
Made in partnership with Grizzly Information Security Solutions
Learn more!
LinkedIn: www.linkedin.com/company/griz...
Website: grizzlyshieldservices.com/
Follow me!
TikTok & IG: @rey.nbows
Twitter: @reynbowss
Discord: / discord
www.reyjarrell.com - Věda a technologie
the best password manager ever is a sheet of paper you can't hack a sheet of paper
yet
wait until we have quantum omnicomputers or crystallized memories, then everyone’s information ever is in danger
No, but I can likely pick your home's lock and read your sheet of paper. Or hack your webcam and take a screenshot when you have the paper pulled out.
Or the most likely approach: I can just ask you for it without you realizing that I'm not who I say I am. #SocialEngineeringWinsAgain
*webcam hacks*
I use Bitwarden it’s amazing and it has 2FA 🔥
Edit: my dumbass forgot to put 2FA on 🤦♂️
Agreed 💯👍 why no mention of the single password manager that does every thing better than the rest?
I use Keeper AND a Yubikey for 2FA with built in NFC for use with mobile devices. Boom!
Keepass + Syncthing = Keep your password database in sync without putting it on the cloud. Works on almost any device.
Good choice
Today I found out my email was one of the 3B that were leaked in the COMB data breach. I’ve been meaning to change all of my passwords and tighten my security but just “haven’t gotten around to it”. This was enough of a kick in the pants to make me decide today is the day. The first thing I did was come to your page and look for a video on password managers. As usual you did not disappoint. Thank you so much for the solid advice and keep up the amazing work. 🤙🏼
Been using LastPass for years and genuinely couldn’t be happier. Plus their free account basically gives you everything you need.
Here from Tik Tok. Great information that is much needed
Saw one of your re-uploaded videos on some other channel and it's so good stuff that I had to come looking for you !!
I've been following your vids for some time now. Inspirational and enlightening.
I used LastPass for years and got a bunch of people at work to use it. But a couple of years ago I switched to 1Password so I could share common accounts more easily with the family. Plus the browser plug-in contains 2FA generation, which is a time saver.
Note: Stay away from any password manager that says they have a recovery option for the secret key, this means they have a copy of your key and thus your secret data:) Good ones are Lastpass, Dashlane, or Keypass. I did a study on these in College, and found them to be safe, secure, and have a Trust No One Policy in place. The only one I can say that has been forensically reverse engineered and found to have implemented the encryption and code correctly was Lastpass, others I don't know about at a forensic level. With the exception of the the "remember this device for 30 days" code. This box must remain unchecked at all times! There is an attack that works against this code as this code was flawed, but.. It encrypts the data on you PC before transmission, with your private key Lastpass never has, and is encrypted again before storage on the Lastpass servers, thus data is never vulnerable in transit or at rest. That blob is then returned to your PC when you need it, and only then is it decrypted for your use, no one else ever sees it or has access even if they were to be hacked. If you use 2FA; use an security token with a personalized key written to it, and which lacks the API for retrieving the private key such as Yubikey. This will allow you to use a password you can remember but the other 4096 bits of this password is saved on an Security token which will need to be present during login. Do not use an phone as 2FA as phones can be spoofed! Also restrict logins from other countries, VPN, Tor, etc.. to minimise the attack surface:) Came from Tik Tok:)
So you do recommend a Yubikey? Also restrict logins from other countries so go into settings and turn off out of country logins? Also so even if Lastpass or my PC is hacked if i have a Yubikey i will be good and safe unless faced against a really good hacker?
What if I use a VPN myself, will I have trouble logging in?
The mobile Lastpass has an option to reset the Master Pass with biometrics. (without being logged in)
Thank you for answering this question!
just want to say for anyone who doesnt already know this:
2FA is good to have BUT it's not a guarantee that your data is safe with it
2FA getting intercepted is becoming more and more common especially if the unwanted accesser knows what they're doing
I am using Keepass
Thank you Rey! 🖤
Its sad how many ppl reuse passwords.
Bidwarden is on top of the list of password managers.
HAHAHA Your passion at the 6min mark was fantastic!
Great sound quality! :)
If you have 2 step authentication doesn't matter if they your password. They won't through the trouble of spoofing your sim, card unless you are really important or they really want that account.
Used Keepass for at least 7-8 years now 🖤
Good choice
Hey Ray, I came from tiktok. Great videos!! Btw I use Dashlane, it has a free plan, but i use the premium one, which also has a VPN. Keep up the good work.
I actually use Keeper, along with all your recomendations, I can add family,,...
not me watching this video and then downloading LastPass, changing every password (that were all the same) saved in my google settings, adding the new (very long and safe) passwords to LastPass, and then deleting my debit card and addresses off of my google account
That screaming of "2FA" ! Love it. Seriously, DO NOT USE ANY SITE THAT DOESN'T SUPPORT 2FA/MFA!
If they don't demand that they do, and/or close your account!
in fact, both of my workplaces (everything done online) require 2FA, which is something that makes me so happy.
I use paper and pencil for all my passwords, and I think it works fairly well
I've known I need to stop being lazy and reform my online presence with 2fa and duckduckgo and other similar stuff (like password managers) for a while, and fiiiiine! I'm doing it! Thank you very much for all the great info, and the motivation. The initial period till it's automatic to use this things is going to be annoying :'( but ultimately worth it. Yay for security!
I normally use 2FAS Auth for my passwords
I use the Password manager built in to Apple devices! seems to work for me fine, and they also tell me if I'm reusing a password or if a site has been hacked and my info was leaked.
Also, the ending 🖤
I keep a couple of single use passwords in my wallet for my password manager without any mention of what they are for.
LastPass is great! I have it and forced my parents to use this instead of their journal of passwords. We can even share passwords (with or without actually being able to see the password characters)
your makeup looks great, and I did watch you on tic tok
I have so many passwords and different variations of them, I've never had to have a password manager. A friend once tried to show off that he had a master password. Dashlane was pre installed on my new computer when I got it, but I just eventually uninstalled it. Thank you for this. Like when choosing a password is it smart to put them in classifications and groups so that you can somewhat use the same password for a certain group of devices or accounts. Having another group of accounts and devices with a completely different password?
I miss going out also.
I love your makeup toooo~
my goal in life is to be as powerful as rey 🥺❤️
hey hey, where'd you get your necklace from? is it a commemorative bitcoin?
I've been using Lastpass for a few years now. I am not saying it's the best, there are plenty out there. All I can say in all those years nothing "weird" has happened.
Yup! I came from TikTok
So instead of responding to my email you made a whole video about it 😂😂
So im just getting into Cybersecurity so in the situation that Last Pass got hacked would they notify me immediately? Im going to do more research as well as see if its right for me. Also i have one more question with a yubikey what would happen if i lost it would i just lose all of my accounts? Thank you for responding!!
Hey, I'm from Brazil and there's been a series of Ransomware attacks in government systems over here, could you make a video about it please? Either here or on tiktok 😅
I once heard someone say an address book, like a physical book, with paper, and addresses written in it, serves as a fantastic password log. The passwords the address book's owner would create and use are a systematic use of characters in a regular old physical address. So, for example
John Adams
123 Main St.
Any City, NY 12345
is an address in that address book, the password might be Aj13MSaYN54321
Next time a password needs changing, go to the next address in the address book and repeat the same pattern
Doc Brown
9876 Twin Pines Rd.
Hollywood, CA 56789
Password: Bd98TRhAC98765
I used to just use an encrypted spreadsheet.
Help me here, my bank app uses email for MFA, how can that work for a password manager? I would need it to log in to my email and vice versa. That sounds like a living nightmare.
Anyone know if dashlane is any good?
I use norton password manager, are they exploitable currently?
On it
Do you play spellbreak on switch?!!!
I thought we were friends, Jessica! Geez...
How about KeePass?
Most Secure cause it isnt Offline,use AES 256,
No mention of 1Password? I feel like it's a lot less janky than LastPass.
Ugh, I fkn hate LastPass - work has virtually forced it into our ecosystems, and it just doesn't work - or rather it DOES work, but it significantly slows down the speed at which one can access our sites. Between having a 2FA app for a number of sites AND having to constantly fix LastPass' ...quirks... within a Citrix environment, in the Chrome extension, it is just a hinderance.
And with my easily distracted ADHD brain, I *really* cannot afford to go down a LastPass rabbit hole during the middle of my work day haha
LastPass is janky. 1pass is better.
Dashlane is incredible .
Its online so
Dashlane is the way to go
Thanks for making this video, I never trust cloud password manager even if there are an auto fill, I use Keepass even if I wasn’t capable of installing 2FA add-on. also keepass is an online password it mean you don’t have iOS app or Android app so if your password is too hard you cannot login when you are not on your computer
On IOS there are Strongbox,Keepassium are you using them?
This seems counter intuitive, why have a password manager when your going to make easy passwords
should you pay for a password manager?
Yeeeeeeeeeer ✊🏿✊🏿✊🏿
🖤
I'm wondering if Apple is good at protecting your passwords , I know they only work across Apple devices but can they be "trusted"? Also what about the passwords they suggest to be strong? (i.e. xxxX-X1xx-xxx!)
I think the answer is no but im too lazy to type my password 😂😂😂
That one dislike Jessica
when she said Jessica I know that was targeted at somebody
So 2 FA vs 2 step 🤔?
Isn't it the same? two factor authentication and two step authentication?
@@solaceenterline6264 yea I am not too sure, it might be a subtle difference...needs answers
@@anthonyfarias8198 So yes! you are right, 2step is username and password (that's it, those are the two steps) and 2FA are those PLUS an authentication code/app/etc. Where MFA requires the user to provide two or more verification factors to gain access
miracl.com/blog/2-step-verification-vs-2-factor-authentication/
www.onelogin.com/learn/what-is-mfa
Am I the only one that just resets my password every time because I never remember it??? Yes? Alright then...
I think Truekey by McAfee is a good one. I think it's free but it may just be free if you've already bought McAfees protection services
Dont RECCOMEND password genie