- AARP Online Community
- AARP Rewards
- Earn Activities
- AARP Rewards Connect
- AARP Rewards Tips
- Ask for a Rewards Tip
- Leave a Rewards Tip
- Grief & Loss
- Share and Find Caregiving Tips - AARP Online Community
- Ask for a Caregiving Tip
- Leave a Caregiving Tip
- Entertainment Forums
- Rock N' Roll
- Let's Play Bingo!
- Leisure & Lifestyle
- Entertainment Archive
- Games Talk
- Games Tips
- Leave a Game Tip
- Ask for a Game Tip
- Health Forums
- Brain Health
- Conditions & Treatments
- Healthy Living
- Medicare & Insurance
- Health Tips
- Ask for a Health Tip
- Leave a Health Tip
- Home & Family Forums
- Friends & Family
- Introduce Yourself
- Late Life Divorce
- Our Front Porch
- Home & Family Archive
- Money Forums
- Budget & Savings
- Scams & Fraud
- Retirement Forum
- Social Security
- Retirement Archive
- Technology Forums
- Computer Questions & Tips
- About Our Community
- Travel Forums
- Work & Jobs
- Work & Jobs
- AARP Help
- Benefits & Discounts
- General Help
This topic conjures memories of something that happened at work back in the 1990's. Internal Audits developed a set of Password Requirements as a result of a security audit. They approached the Standards and Controls department about implementing the requirements and were told that the existing security software could make some of their requirements mandatory, but could not make them all mandatory. The Auditors then turned to the IT department. After reviewing the Requirements the IT department responded. It would be possible to install code to make all the requirements mandatory, but it would be pointless. The Requirements were so intricate that in order to meet them all, people would have to come up with passwords so long and nonsensical that they would not be able to remember them and would have to write them down.
While password managers certainly have their niche in the tech universe, this topic seems to beg the question, "Have we come full circle?".
Does the average person really need a password manager, or is it just another vulnerability? Nothing computerized is hack-proof. The strongest encryption can be cracked, and Apps are just human ideas coded so computers do the work. There are vulnerabilities in the code that exist just because the people writing the code just happened to not think of something. So for the average person, who is prudent enough not to transmit sensitive information over insecure public networks, are pen strokes more secure than keystrokes? I.D.'s and passwords written down and locked in a secret stash at home where they are most likely to be used.
Just as an added thought, AARP has a whole section, and ongoing programs on maintaining brain acuity and mental sharpness. Wouldn't owning our own passwords instead of outsourcing them be the kind of mental exercise experts say helps maintain brain health.
I've been using LastPass Premium. It came free with my Webroot subsciption. Like it alot except for the occasional glitch. So much easier than having to look at my list of passwords I kept.
You do have to remember to enter your favorite websites thru LastPass each. Not a big deal once you get used to it.
Carl G - Wilmington DE
No I do not use a password manager. I don't feel the necessity to trust anyone other than myself. I keep a little black book that I found at Barnes and Noble some years ago. I write in pencil so I can erase. I change passwords as necessary and mark the date it was changed. I also don't use my passwords outside my home. If necessary I would take my book with me and keep it locked up like my wallet.
It might be a good idea for younger adults, but at my age it is not. There is certain personal information I don't keep in the book, just in case it was lost or misplaced.
I use F Secure as my password manager. It is nothing fancy, but it's pretty straight forward and does what I need. I have tried some of the more well known ones (Last Pass and Dashline) and although they may have more bells and whistles, I found that they interfered with my browser and were a bit intrusive.
I have used the free version of LastPass for several years on all my pc (windows and linux) and on my android phone with no problem. I don't know about iphones but there should be an app for the LastPass service. There is an extension on the chrome brower that allow you to access all your saved login info from any computer. I am 66 so I don't know if that qualifies me as elderly.
I use LastPass because it is very secure. The simple test: if you lose your password for the password manager, can the company recover it? If so,their security is unacceptably low. LastPass does pass this test; all data is encrypted on your device, and no unencrypted data ever leaves your device(s). LastPass securely syncs among all my devices (Mac, iPhone, iPad, Windows PC...) so my data is always available on every device. AES 256 bit encryption is great, but only if properly implemented. LastPass creates the key from your email, password and more (for the techie, a unique random "salt" and then passes it though an algorithm designed to create 256 bits of seemingly random bits over 100,000 times.All that and more is necessary to make the encryption really strong.
The free version of LastPass does everything you need, and does it well. I also it it to store the unique lies I use for every security question. It does not remember password history, so I always make a copy of the old password in the card for the website in LastPass before having LastPass generate a new unique password (many websites require that you enter both the old and new passwords to use a new password). LastPass lets me use 20 character totally random passwords as easily as a word hackers can guess in a tiny fraction of a second.
Good point, and of course it's free and integrates well with everything Apple.
But the features don't really match the other programs we've discussed so far. For example, I always jot down the answers to the esoteric security questions that many sites like to use so I'm sure to type it exactly (capitalization etc.)
1Password (my favorite) also keeps my password history, generates random passwords with a configurable recipe to match the website requirement and let's me add custom fields to a record when needed. Not to mention that you can add specific types of records like credit cards, driver's licenses, and even store a receipt or other document.
I also use 1Password to keep track of my software licenses. It knows when I purchased the software, how much I paid and most importantly what the license key is in case I have to reinstall later.
Although I do use Keychain, I make sure that 1Password is always holding the correct info and that becomes the de facto place to look.
LastPass has prebuilt forms specifically for a wide variety of needs (credit cards, social security, software licenses, and many more). I use it for all the security questions and answers for each site -- and I use a unique lie for each and every security question on each and every site). It has two different types of entries, one for web sites, and one for "Secure Notes", which can be used for almost everything else. LastPass also lets adds fields and insert images (like copies of my passport). Almost all my passwords are randomly generated by LastPass, with options to include or not include groups of characters (lower case, upper case, numbers, special characters), and to select the length.
I used to use Keychain, but found that LastPass provided everything I need, and does it securely. It also works perfectly on Windows systems, Linux, and even allows secure access via the web.
What LastPass does not do is to record a password history for each web site. When I am changing a password I manually add the previous password to the Notes for that site, so that I have both the old and the new (random, LastPass generated) password.
Still, any password manager is far better than none.
I have used LastPass for several years and love it! User friendly. Although I use the free program, the few times I've needed to contact Customer Service, they have answered promptly. Paying customers receive expedited responses. LastPass also offers the free option of adding someone who can access your account in case something happens and you aren't able to access it yourself, due to illness for example.
No password manager. We keep a document updated on all userid/password/challenge questions. As others have stated, password manager is just as vulnerable to hacking as anything else.
"...Why is everyone a victim? Take personal responsibility for your life..."
Keeping track of passwords on paper is great if you use a unique long password for every purpose, always use a random password, and NEVER use an easily guessed password. With current hacker technology, that means do not use a word from any dictionary ever published, even with substitution of numbers for letters. I prefer a password manager so I don't have to manually enter passwords like %$Nsw7MM#!mdKt&7
I starting using ewallet several years ago, and it was fine but I have been having technical issues with it and I can't reach anyone to help me. It makes me nervous to think that these password managers are created by unknows and then the company or individuals disappear and you are STUCK and unable to get service if there is a problem. I also wonder if the people or companies creating these managers have access to your passwords?
@lucky1338, If I had not already been satisfied with Dashlane, Kim Komando's recommendation alone would have been enough to opt for Kaspersky. For those of you who are still on the fence about a password manager, you can't go wrong with Lucky1338's choice. Otherwise, here are Reviews for the Six Top Password Managers. Take your time and choose wisely.
I have used Dashlane for several years. I like it as it supports not only my PC but mobile devices. I use Roboform for access to local applications (eg., Quicken). I was pleased with, and would have stayed with Roboform if it had supported mobile apps sooner.
For many years I've been using Password Safe. As a locally-installed stand-alone application/database, it lacks some of the sophistication of cloud-based services, but I have the assurance that I have full control of both program and its vault of passwords. Versions are available for PC, Mac, iPhone, Android, and others. The database CAN be kept in the cloud to simplify sharing it between devices, but I always have a local copy so that I can access the passwords even when I can't access the Internet.
I am currently using the LastPass manager. I have tried others, but I like this one best because:
* It’s easy to create and retrieve passwords
* It has fingerprint recognition for my mobile devices
* It can create complex passwords that you set the parameters for
* It is reasonably priced( or free at the basic level)
* It can auto fill
* You can also use it to store notes for other than passwords
I have used Roboform for 20+ years. I believe it is the best on the market. Most of my passwords involving money ar 13+ characters and I change them every two months. Roboform helps me to keep track of all of these, I have the deluxe version for $9.95 a year since I am online at least 6 hours a day, but the basic free version would be fine for a light user.
1. It is supported on all of the devices I use
2. It supports access by an approved member in the event I die or otherwise incapacitated.
3. Its free!
4. Selection was based on a combination of talking with others using a password manager and rating/rankings of the various options based on capability, features, etc.
It has made my life much simpler and I have a greater confidence in my online security with every site having its own, unique, random and robust password.