Content starts here
CLOSE ×
Search
Reply
Community Manager
Community Manager

Password Manager?

Do you use a password manager?  Do you have one you recommend?  Share it here and tell us why it's your choice.

AARPTeri
40,738 Views
94
Report
Periodic Contributor

In reviewing PCMag's list I've been using the free utility Bitwarden, so far so good.

 

In the past I'd used LastPass but stopped and deleted my account shortly after one of their employees apparently had their work laptop stolen and leaked vital details about their security infrastructure.

 

A friend and high school classmate of mine whom I'd helped with reinstalling Windows 10 recently I suggested to use Microsoft or Google's cloud-based password management, which is a bit simpler in that you just go through your respective account settings with them and not necessarily a separate, dedicated app.

4,210 Views
0
Report
Trusted Social Butterfly

....A Web Browser is probably The Worst possible place to store passwords...might as well print a list, copy it millions of times and post it on every utility pole in the world.

 

And if you do save passwords in a web browser like Microsoft Edge...DO NOT TELL ANYBODY!!

4,530 Views
6
Report
Contributor

Am I the only AARP member that is so frustrated because when I click on a link from an AARP email, the sign-in box will not allow me to paste in a program-generated password. They expect me to manually type in a 20+ character password. They say it is set up that way for more security. So, to be secure I am supposed to use a less secure password!!  Seems to me they are promoting a less secure system for seniors to use. Also, the person I chatted with said to save it in the browser. Like that's secure!!!!

2,581 Views
4
Report
Periodic Contributor

Roboform (password manager) is able to fill the AARP login on Android when I started from the email link.

0
Kudos
15088
Views
0 Kudos
2,523 Views
3
Report
Contributor

Can you copy and paste or do you have to use an autofill feature? I use another company and certainly am not going to switch!

 

 

0 Kudos
2,504 Views
2
Report
Contributor

You can manual fill (with the click of a button) or you can copy and paste the UserID and/or Password.

0 Kudos
2,454 Views
0
Report
Periodic Contributor

I just tested.

Using Android devices, paste is blocked, but autofill from the password manager works.

On a Windows 10 desktop, copy/paste works just fine.

0 Kudos
2,478 Views
0
Report
Social Butterfly

Have you looked at Edge and how the passwords are saved?

4,499 Views
0
Report
Social Butterfly

I haven't read all the posts here but how many save your Passwords in Microsoft Edge? 

 

PasswordEdge23.jpg

 

 

 

 

 

4,545 Views
0
Report
Trusted Social Butterfly

This topic conjures memories of something that happened at work back in the 1990's.  Internal Audits developed a set of Password Requirements as a result of a security audit.  They approached the Standards and Controls department about implementing the requirements and were told that the existing security software could make some of their requirements mandatory, but could not make them all mandatory.  The Auditors then turned to the IT department.  After reviewing the Requirements the IT department responded. It would be possible to install code to make all the requirements mandatory, but it would be pointless.  The Requirements were so intricate that in order to meet them all, people would have to come up with passwords so long and nonsensical that they would not be able to remember them and would have to write them down.

While password managers certainly have their niche in the tech universe, this topic seems to beg the question, "Have we come full circle?".

Does the average person really need a password manager, or is it just another vulnerability?  Nothing computerized is hack-proof.  The strongest encryption can be cracked, and Apps are just human ideas coded so computers do the work.  There are vulnerabilities in the code that exist just because the people writing the code just happened to not think of something.  So for the average person, who is prudent enough not to transmit sensitive information over insecure public networks, are pen strokes more secure than keystrokes?  I.D.'s and passwords written down and locked in a secret stash at home where they are most likely to be used.

Just as an added thought, AARP has a whole section, and ongoing programs on maintaining brain acuity and mental sharpness.  Wouldn't owning our own passwords instead of outsourcing them be the kind of mental exercise experts say helps maintain brain health.

0
Kudos
26602
Views
12,406 Views
0
Report
Contributor

I've been using LastPass Premium.  It came free with my Webroot subsciption.  Like it alot except for the occasional glitch.  So much easier than having to look at my list of passwords I kept.

 

You do have to remember to enter your favorite websites thru LastPass each.  Not a big deal once you get used to it.

 

Carl G - Wilmington DE

16,453 Views
3
Report
Periodic Contributor

All of your passwords can be imported into LastPass. You will probably have to go to your most used sites in LastPass and mark them as your Favorite and Auto Fill. I have had LastPass for years and really like it. I took the time last year to change most of my regular pws into Generated Passwords with at least 12 letters, numbers or symbols. It is a real pain when sites do not allow the pw to be pasted or LastPass isn't allowed to autofill, or the site does not give that option. When I opened my AARP site to view these comments, my pw was autofilled.

0 Kudos
2,563 Views
1
Report
Periodic Contributor

LastPass did have problems this year which was troubling. I have followed all of their recommendations to make my account/passwords more secure. As far as I can tell, my account was not compromised. I did make my Master Password more complex which makes it more of a pain to type. The program has another option so the MP doesn't have to be typed, but I don't use it because if I do, I'll forget my MP and I don't want to do that. It is now 15 characters long.

2,560 Views
0
Report
Contributor

Unfortunately, for anyone reading in 2023, LastPass has been compromised.  Take them all with a grain of salt. Consider NOT storing financial passwords in any of them.  Only secondary ones like library, utilities, etc--things where you won't lose your money.

4,581 Views
0
Report
Newbie

No I do not use a password manager. I don't feel the necessity to trust anyone other than myself. I keep a little black book that I found at Barnes and Noble some years ago. I write in pencil so I can erase. I change passwords as necessary and mark the date it was changed. I also don't use my passwords outside my home. If necessary I would take my book with me and keep it locked up like my wallet. 

It might be a good idea for younger adults, but at my age it is not. There is certain personal information I don't keep in the book, just in case it was lost or misplaced.

16,928 Views
0
Report
Newbie

I use F Secure as my password manager. It is nothing fancy, but it's pretty straight forward and does what I need.  I have tried some of the more well known ones (Last Pass and Dashline) and although they may have more bells and whistles,  I found that they interfered with my browser and were a bit intrusive.

16,981 Views
0
Report
Newbie

I am looking for a program that will work on my PC, iPhone 5c and iPad 6th generation.  I also am elcerly and cannot afford to pay much.  Any suggestions?

18,122 Views
3
Report
Newbie

Last Pass has been free and works well so far.

12,663 Views
1
Report
Periodic Contributor

For $36 a year, Premium LastPass can be used on "all of your devices". With the free edition, it can only be used on one device and that may meet your needs. I have it on my laptop, my phone, and my tablet. That way, I have access to all of my websites no matter where I am. Of course, I do NOT use it when I'm on public WiFi.

Premium

Enhanced password management and security accessible across all your devices. $3.00  permonth billed annually*

 
Best Value for Families:  Secure password management for up to 6 users with easy, unlimited password sharing. $4.00 per month billed annually*
0 Kudos
2,548 Views
0
Report
Regular Contributor

I have used the free version of LastPass for several years on all my pc (windows and linux) and on my android phone with no problem.  I don't know about iphones but there should be an app for the LastPass service.  There is an extension on the chrome brower that allow you to access all your saved login info from any computer.  I am 66 so I don't know if that qualifies me as elderly. 

18,120 Views
0
Report
Newbie

I use Keeper.  I have used it for years. I have well over 100 passwords in it. It's on my phone and computer.  

19,266 Views
0
Report
Periodic Contributor

I use LastPass because it is very secure. The simple test: if you lose your password for the password manager, can the company recover it? If so,their security is unacceptably low. LastPass does pass this test; all data is encrypted on your device, and no unencrypted data ever leaves your device(s). LastPass securely syncs among all my devices (Mac, iPhone, iPad, Windows PC...)  so my data is always available on every device. AES 256 bit encryption is great, but only if properly implemented. LastPass creates the key from your email, password and more (for the techie, a unique random "salt" and then passes it though an algorithm designed to create 256 bits of seemingly random bits over 100,000 times.All that and more is necessary to make the encryption really strong.

18,842 Views
1
Report
Periodic Contributor

The free version of LastPass does everything you need, and does it well. I also it it to store the unique lies I use for every security question. It does not remember password history, so I always make a copy of the old password in the card for the website in LastPass before having LastPass generate a new unique password (many websites require that you enter both the old and new passwords to use a new password). LastPass lets me use 20 character totally random passwords as easily as a word hackers can guess in a tiny fraction of a second.

18,097 Views
0
Report
Newbie

I use Keychain because it is built into Apple computers, tablets, and phones and is free to use, and syncs across devices. So if you’re in the Apple ecosystem you’re all set. You’re article should have mentioned it. 

18,849 Views
2
Report
Periodic Contributor

Good point, and of course it's free and integrates well with everything Apple.

 

But the features don't really match the other programs we've discussed so far. For example, I always jot down the answers to the esoteric security questions that many sites like to use so I'm sure to type it exactly (capitalization etc.)

 

1Password (my favorite) also keeps my password history, generates random passwords with a configurable recipe to match the website requirement and let's me add custom fields to a record when needed. Not to mention that you can add specific types of records like credit cards, driver's licenses, and even store a receipt or other document.

 

I also use 1Password to keep track of my software licenses. It knows when I purchased the software, how much I paid and most importantly what the license key is in case I have to reinstall later.

 

Although I do use Keychain, I make sure that 1Password is always holding the correct info and that becomes the de facto place to look.

19,012 Views
1
Report
Periodic Contributor

LastPass has prebuilt forms specifically for a wide variety of needs (credit cards, social security, software licenses, and many more). I use it for all the security questions and answers for each site -- and I use a unique lie for each and every security question on each and every site). It has two different types of entries, one for web sites, and one for "Secure Notes", which can be used for almost everything else. LastPass also lets adds fields and insert images (like copies of my passport). Almost all my passwords are randomly generated by LastPass, with options to include or not include groups of characters (lower case, upper case, numbers, special characters), and to select the length.

 

I used to use Keychain, but found that LastPass provided everything I need, and does it securely. It also works perfectly on Windows systems, Linux, and even allows secure access via the web.

 

What LastPass does not do is to record a password history for each web site. When I am changing a password I manually add the previous password to the Notes for that site, so that I have both the old and the new (random, LastPass generated) password.

 

Still, any password manager is far better than none.

19,104 Views
0
Report
Contributor

LastPass.  Great product.  Great value.  Most of the IT people I know (I'm still one) use it.  Follows me no matter which browser I use no matter which device (home, work, iPad, iPhone).

18,859 Views
0
Report
Periodic Contributor

I have used LastPass for several years and love it! User friendly. Although I use the free program, the few times I've needed to contact Customer Service, they have answered promptly. Paying customers receive expedited responses. LastPass also offers the free option of adding someone who can access your account in case something happens and you aren't able to access it yourself, due to illness for example.

18,869 Views
0
Report
Honored Social Butterfly

No password manager. We keep a document updated on all userid/password/challenge questions. As others have stated, password manager is just as vulnerable to hacking as anything else.


"...Why is everyone a victim? Take personal responsibility for your life..."
18,884 Views
1
Report
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Users
Need to Know

AARP Limited Time Offer: Memorial Day Sale! Join or renew for just $9 per year when you sign up for a 5-year term and get a FREE gift.

AARP Memorial Day Membership Sale

More From AARP