What password safe app does anyone recommend?

What password safe app does anyone recommend?

Didn't find your answer?

With Heartbleed in the news and recommendations to change all passwords (or most anyway) it seems time to find somewhere safe to keep them!
Would also be useful if the app kept credit card and other data details also.
So a little research comes up with apps like 1Password at £5.99 plus a host of others.
Who uses these and what do users recommend please?
Presumably the data is encrypted?
Does it matter where the data is kept (i.e. US or EU etc.)?
Any advice appreciated.
Thanks.

Replies (30)

Please login or register to join the discussion.

avatar
By RussellD
11th Apr 2014 07:14

Lastpass

I have been slowly making all my passwords different and completely non memorable. So I definitely have to have one of these apps. I use Lastpass. I like that with the premium version (£12pa) I can keep my lastpass vault on my mobile or tablet. When I am on client site, I can see the password which keeps me productive.

At home, my wife and I use the same vault - it means 1 location for banking and other joint website logins. We use the same details to login to for example ebay, tesco, paypal etc I know this wouldn't work for some people but it works for us.

A warning however, I forgot my master password about 12 months ago. There was no way around it. Thankfully I had exported the passwords into an Excel spreadsheet about 12 months before that so I hadn't lost absolutely everything. It was a serious pain though. 

Thanks (1)
avatar
By accountsdragon
11th Apr 2014 09:45

Lastpass

I also use Lastpass, recommended to me by a 'techie', but I'm mean and have the freebie version. It does make life easier not having to remember every password, and, obviously, you have to password protect your computer as well. You can set it so that it generates it's own, secure, password or you can simply let it remember your own.

And, yes, do keep a note of your master password!

Thanks (1)
avatar
By Richard Willis
11th Apr 2014 14:57

Barge Pole territory surely?

I wouldn't trust a list of my passwords to some unknown entity that sits out there somewhere in the cloud!

Thanks (2)
avatar
By DMGbus
11th Apr 2014 23:46

Last pass serious issue

It was reported earlier this week that the "Heartbleed bug" (hacking of passwords) has affected the LastPass application.

Recommendation is to reset your LastPass password.

Source:

huffingtonpost.co.uk 11th April 2014:

http://www.huffingtonpost.co.uk/2014/04/11/heartbleed-password-advice_n_...

Thanks (2)
avatar
By chatman
13th Apr 2014 22:18

@DMGbus - I couldn't ser ant reference to LastPass in the article to which you linked.

Thanks (0)
avatar
By DMGbus
13th Apr 2014 23:54

Lastpass - Huffington Post warning

In the article scroll down to the grey tables and specifically see the heading "Web Tools and Resources" where LastPass is listed.

The same table lists other web memberships / passwords that are recommended for changing.

Thanks (0)
avatar
By tomtrainer
14th Apr 2014 08:44

.

Thanks (0)
avatar
By awoodj
14th Apr 2014 10:52
Thanks (1)
Replying to bernard michael:
avatar
By newmoon
15th Apr 2014 09:13

1Password

Yes I'll go with 1Password.

Spoke with a contractor client in IT security yesterday and he said he uses 1Password.

Thanks for all the feedback everyone.

 

Thanks (0)
avatar
By chatman
15th Apr 2014 13:27

LastPass says all data with them is safe

LastPass seem to be saying all your encrypted data with them is safe, but they recommend you change your other passwords because they might have been stolen from the owner of those sites, eg your bank, your email provider etc.

That advice seems more sensible that any that says you do not need to change any passwords.

Thanks (2)
avatar
By Mark_NW
15th Apr 2014 07:46

KeePass

I have been using KeePass 2 which is a free open source package at http://keepass.info/

I use randomly generated passwords for all sites/applications and change them regularly.

Regards
Mark

Thanks (1)
avatar
By taxhound
15th Apr 2014 08:50

KeePass

We use keepass.  Seems to work ok but I am rubbish with the techie stuff so someone else has sorted all of this for me.

Thanks (2)
avatar
By switkiss
15th Apr 2014 11:53

Whichever you choose, do it for all passwords

I'm a LastPass man myself, but my advice would be whichever you choose, embrace the tool fully. i.e. don't use it just for critical passwords like the bank and then stick to the same old password for everything else.The only time I break this rule is my Apple password, which I manually chose because I need to enter it on many devices, but even then, I activated Apple's 2 factor authentication.

As to Heartbleed, I believe in LastPass your collection of passwords are encrypted using your master password and are then only ever decrypted in your local browser.  This is why it's important to choose a strong master password (mine is 23 characters of random letters, numbers and symbols). LastPass don't hold this master password and can never know individual site passwords, so any hacker using Heartbleed would only retrieve an encrypted dataset which they couldn't decrypt provided your master password is strong enough. This is also why it's important to remember your master password (or store it written down in a safe), as LastPass couldn't help you if you lost it, and nor would you want them to be able to.

Thanks (2)
avatar
By SkyBlue22
15th Apr 2014 13:02

I use MaskMe which is available as an add in to various web browsers. In addition you can mask email addresses if you need the ability or suspect spam might be in your future.

Thanks (0)
Replying to lionofludesch:
avatar
By chatman
15th Apr 2014 13:26

Email address masking

SkyBlue22 wrote:
you can mask email addresses if you need the ability or suspect spam might be in your future.

How does that work SkyBlue22? Sounds good but I don't understand it.

Thanks (0)
By Jennifer Denning
15th Apr 2014 14:22

Roboform?

I have had Roboform suggested to me, and am trialling it.  Anyone use that one?  What do you think?

 

Thanks (0)
Replying to NH:
avatar
By jamesbarton
17th Apr 2014 13:46

Roboform

I have been using Roboform since 2007, on Windows, WIndows mobile (not phone) and Android. For a while I used Roboform on a usb stick, but since found that Roboform everywhere works perfectly well.  It has browser add-ons for all major browsers, even in Android where I use Dolphin browser.  It also remembers personal details and card numbers for easy log in on web sites.  If locks itself every time you lock the PC.

Thanks (0)
avatar
By sheila t
15th Apr 2014 16:44

Roboform

I use Roboform and have never had any problems with it. Like others here I was recommended it by a techie

Thanks (0)
avatar
By poika
15th Apr 2014 23:19

Keepass

I can recommend Keepass. It's an encrypted database that you 'lock' with a master password. The client that allows you to read and edit your passwords is separate from the datastore which is very useful. There are various clients for windows/mac/ios/ etc and most clients allow you to put your password database on dropbox or another shared area so you can have a client on all of your different devices and have them all in sync. There are no ongoing costs and you are free to keep your password database as private as you wish. As it's just a file you can back up your encrypted passwords by just copying it to a USB drive or similar. 

Thanks (0)
John Stokdyk, AccountingWEB head of insight
By John Stokdyk
16th Apr 2014 12:14

Passwordsafe.com

After reading a similar thread several years ago I followed the advice of Nigel Harris and David Winch and gave www.passwordsafe.com a try. It now contains around 140 different passwords.

While in prinicple I share others' concerns about entrusting such valuable info to an anonymous (and free) cloud supplier, storing a file on my desktop (PC or physical) is just as vulnerable. So crossing my fingers and closing my eyes, I've trusted passwordsafe so far, and don't appear to have suffered any attacks as a result so far.

I also keep 1-2 top-level passwords to myself - but fret about what will happen when my memory starts to go.

According to McAffee's Heartbleed site checker passwordsafe is not vulnerable, so I'll carry on using it for now. Biometric recognition or two-factor authentication might be the answer - but the latter already complicates my life significantly.

Good luck to all who visit this thread - and I hope you find something to suit your needs.

Thanks (0)
avatar
By BUMBLE
17th Apr 2014 11:53

Sticky Password

 

www.stickypassword.com

If you want a good password manager that is very good and stores the password on your device or handheld and encrypted , this is very very good .

Yes you have to pay for it, remember free software is never free - somewhere it will get something off you or your clients to make up for it.

Don't store passwords in the cloud  and always back your cloud up to a good external hard drive.

For those old enough - remember Mr Carver in James Bond ?  One day your cloud may switch off either by a hacker or business trouble and do not base your whole life on a cloud with no backup

I notice in the forums everyone says go cloud - not all clouds have a silver lining.

Hope this helps you.

Like the old market trader 'When it's gone it's gone ' never forget it if you use digital data.

 

 

 

 

 

Thanks (0)
By coops456
17th Apr 2014 11:53

Another vote for LastPass

I've used it for over a year now - just renewed my subscription. Great peace of mind and it will generate passwords of whatever complexity you need.

LastPass has good browser integration and an app for my Android phone too. Love it.

 

Thanks (0)
avatar
By allden
17th Apr 2014 11:58

Roboform

Used it for several years, No problems at all.

I think it's worth the money.

Thanks (0)
avatar
By g.sarfas
17th Apr 2014 12:05

Roboform
I love Roboform, the everywhere version means the same password is synced to all my devices - android phone, ipad, PCs.
It does cost a small amount per year - well worth it IMHO

Thanks (0)
avatar
By Tomazaan
17th Apr 2014 14:07

eWallet

I have been using this for many years.  I have two versions: one for my computer and one for my iPhone and back up to each other on a regular basis.  It is easy to use and well worth the money.

Thanks (0)
avatar
By rota2
17th Apr 2014 17:25

Norton 360 Premier

Anti virus software  for 3 devices synchronised in the cloud comes with password manager I have used for 5 years. The cloud backup is relatively expensive so don't use that.

Thanks (0)
Jamie Playford - Director and Licensed Insolvency Practitioner at www.leading.uk.com
By Jamie Playford
21st Apr 2014 09:33

Dashlane
I use dashlane - it works similarly to lastpass and costs about the same (£12 pa I think) and has an app etc. only decrypts data on you local machine. Nice interface etc. Not affected by Heartbleed.

Thanks (0)
avatar
By mraccyd
07th May 2014 23:18

Address Book

Why not just use a random password generator and a paper address book - I guarantee it's a 100% hack proof password vault!

Thanks (0)
Replying to DJKL:
avatar
By chatman
08th May 2014 10:26

Paper Password Records

mraccyd wrote:

Why not just use a random password generator and a paper address book - I guarantee it's a 100% hack proof password vault!

True, but backup is difficult. Swings and roundabouts. And you would have to keep it somewhere where a person stealing your computer would be unlikely to find it, and that could have a cost in terms of convenience.

Thanks (0)
avatar
By SoL
08th May 2014 10:41

Another one for Roboform. Easy to use across different PCs and I also have the USB version for when I'm out and about (which integrates into a portable version of Firefox).

 

 

Thanks (0)