Password Manager Question
Hello, all. I use so many passwords I thought I'd like to try a password manager. I have interest in Last Pass password manager.I'm a little nervous about my passwords floating around in the cloud. S...
Forum Discussion
I actually keep most of my passwords in Firefox, except for banking or financial such as PayPal. It was the only method I could not defeat using a test keylogging malware, but is dependent on the browser itself not having a security hole.
However, I don't use Firefox's built in encryption. But instead encrypt the entire Firefox profile folder using much stronger encryption. Mozilla itself recommends this as the most secure method of Firefox password security.
Some other observations. If you use KeyPass, which I also do, make sure to use the Windows Secure desktop option for master password(MP). This should block unknown malicious keyloggers from stealing your MP. However, it won't prevent keyloggers from stealing individual passwords when using copy and paste or manually keying them in.
For LastPass, I was able to capture the sign in credentials using test keyloggers, which allowed access to all stored passwords in the cloud with ease. IMO, this method is among the least secure if you're infected with unknown malicious keyloggers, which many top rated AV software do not detect.
However, I don't use Firefox's built in encryption. But instead encrypt the entire Firefox profile folder using much stronger encryption. Mozilla itself recommends this as the most secure method of Firefox password security.
Some other observations. If you use KeyPass, which I also do, make sure to use the Windows Secure desktop option for master password(MP). This should block unknown malicious keyloggers from stealing your MP. However, it won't prevent keyloggers from stealing individual passwords when using copy and paste or manually keying them in.
For LastPass, I was able to capture the sign in credentials using test keyloggers, which allowed access to all stored passwords in the cloud with ease. IMO, this method is among the least secure if you're infected with unknown malicious keyloggers, which many top rated AV software do not detect.
