@@MichaelJessen That's a good topic. What I do is save them to a file (plain text) in a Cryptomator-encrypted folder. That allows them to be backed up, and accessible as and where needed. The "traditional" approach is to print them out and put them in a safe location. In theory that works, but people often lose them, and have a less-than-appropriate definition of "safe place".
@@mrmifflin I'd involve a trusted friend or family member to do it for them. But with a password vault they need only remember one thing. (And I'll absolutely admit there's no simple solution to this scenario.)
I'm 73 and use a password manager. ALL of my passwords are generated by the PWM and thus are unique 16 random characters. The master key is a longer passphrase. I was relieved to find that you recommended exactly that. Using the PWM is much easier than looking up and correctly typing long passwords.
Consider that it's probably a very good idea to write down your passwords, including the one to the password manager, so that if something were to happen to you, someone can get into areas for you. I have a list of sites, usernames, and passwords so that if I'm incapacitated someone can act in my stead. Also something to consider... The target audience of AARP are older people who are going to be using a tablet or laptop in their home. They're retired and a password list on paper in their home is only at risk if people break into their home and decide to go through their papers for records (it's more likely jewelry and electronics will be at risk). These people can use a password manager, and the likely result is that because of complex password requirements, they'll write down the password to their password manager and every one of their passwords will be just as insecure as that piece of paper. And yes, I've seen people forget how to get into their password manager because they got a new monitor and it looks different so it confused them. And they then pull out the paper with their password manager password. After a long time of telling people to write down their password, and then telling them not to, I'm not sure either way is better or worse.
Just because someone is retured doesn't mean they're incapable. Yes, preparing for death or other incapacity is important, but need ONLY be the password to a password vault. Then, by definition, everything within the vault is present and up-to-date. I've written/spoken about this here: askleo.com/preparing-for-the-ultimate-disaster/ (video coming in a couple of weeks).
@@ChibiKeruchan Then your wife throws away the shampoo bottle because it's empty. I mention this because I can't keep an empty bottle anywhere in the house. My wife will detect it and recycle it. No matter where I try to hide it.
Keeping your written list under lock and key is probably a bad idea, though. As a general rule, it's much easier to hide your valuables in inconspicuous places, than it is to hide a bulky safe or anything with a lock. Especially a piece of paper with passwords. Works better against your family, because they will know all about the safe and the locked drawers, and all those kinds of obvious places, anyway. If you have kids, they can know more than you think. Usually drawers can also be lock-picked with a paper-clip or something. Works better against your friends as well, because they don't know your house like you do. And if a """"friend"""" is left alone in your home and decides to go through your stuff, there's also a higher chance they'll find a bulky safe than a piece of paper. Works better with burglars for the same reason. And when it comes to burglars, you also don't want things locked, you want them well hidden. Because locks are completely useless and maybe even dangerous, unless no one's home. If they find the safe, the safe is open, because burglars carry with them the universal keys called knife-to-your-throat or gun-to-your-head, which are also very unhealthy to you. It's for that reason that I personally feel like having a safe at home is actually rather dangerous. And more so if any of your friends learns about it. My personal preference is for hidden compartments. The imagination is the limit. A fake electrical plug on a wall, can be a great little nook to hide small things, and absolutely no one will ever suspect it. The safe no one ever suspects to exist, is the best safe you can ever have. There's also furniture with hidden compartments. Many of them aren't that well hidden, so you have to choose very wisely. Some work with magnets, which can be bad if you misplace the magnet (long term, the magnet can also mark the wood, which is bad). The best example that I've ever seen is the _Secret Compartment Box II,_ built by the youtuber Dustin Penner. The hidden drawer is well disguised as part of the lower rim, and the "key" to the drawer is even part of the box itself, in a completely inconspicuous way. Pretty damn brilliant, imo.
At least 99% of the passwords I use are for corporate web apps for where I work, and websites for my personal use. The only passwords that don't work in my browser are the ones I need to log into the corporate domain. And the corporate rules for domain passwords are just idiotic. Inadequate length requirements, along with bizarre prescriptions for alpha, numeric and symbols. It's really hard to remember whatever I dream up to meet the requirements, and no, I can't get a password manager to type it in for me; I'm not logged in. To make matters worse, we have to change our insane passwords every three months, whether the network has been compromised or not. So muscle memory and regular memory goes out the window on a three month schedule.
I often think I have dementia because the saved password, written down password agree but when I type it in. it gets rejected. This seems to happen when any company updates a program. If you don't want it written down and others say don't use PW Managers how are to to remember all those special passwords we have to create almost monthly?
Best solution I've found is to design my own alphabet for most of the letters. Even if someone were to find my notebook, nobody will be able to understand it.
Yesterday my computer wouldn't start until I had logged into Microsoft. It doesn't usually do this, and I don't know why. Any computer-based password "vault" wasn't available to me. Because it's complicated, I certainly can't remember it. Scary, hey?
I use a password-manager since 3 years for daily use and changed to more complex passwords since then. Besides that, I have a well hidden paper-notebook to backup passwords non-digital and offline. My passwords are created by a password-generator (minimum 16 characters, letters capitalized and non-capitalized, numbers and additional characters). I copy them temporarily in a text-editor and sometimes edit them further more, to print them afterwards glue the printout into my paper-notebook. The notebook itself is well hidden (at first I needed several hours to find it by myself). I have a fake paper-notebook hidden not so well.
One of the problems with something like LastPass is that it too frequently fills the wrong password; so I MUST either use my brain's memory to put in the correct one, or I need to look for the correct password in Vault. And then still type in the needed password. But in general fairly short password choices with a few bits of complexity ARE my practices. As for actually physically writing my passwords,.... that is tricky. I avoid stating my actual practice here.
Google recently improved the password manager in Chrome I believe, but prior to that it was incredibly vulnerable. So long as you were logged into Chrome - and, let's face it, most people configure it to auto-login on start up - all you had to do was call up the password management page, find the relevant website on the list and click on the show password icon. They seem to have changed that recently, as it now requires me to input my Window's password, though that seemed to start around the time I invested in MS Office, so I'm not sure whether the two events were related. In any case, I don't store anything important like banking passwords in Chrome, but I bet there are some that happily do. Just a thought - how about storing passwords on in an encrypted document?
Not an universal advice! Depends on the individual. I, for example, live alone - no peek possible. If and when I die or am incapacitated (Alzheimer, hospital), nobody knows my practical details. So there is a cardboard file, prominently visible, labeled "In case of decease", which records everything necessary: not only passwords but also the financial accounts I have, the medical data, the websites I have an account with but also realworld associations I am a member or user, the phone and bank card and ID codes, whatever. Along with the list of people to inform. For things "For my eyes only" I have created a selfmade "alphabet". I am also a bit paranoid. Each website or app must store your password, and I don't trust their personnel or hacking vulnerability. That's one password at a time. Instead, the password manager people can access all your passwords in one go! Brrr! Frightening. And then, I use various machines to access the internet: a desktop, a laptop, a iPad tablet and a smartphone. Password management differs, and I don't want to multiply the copies of my passwords list.
This is what I do. I use Excel and save the file with a password. I use lines for different entries and I use columns to write down the type ot entry (emails, stores, and so on), addresses, logins, passwords, contacts (like sellers), store type, phone numbers, orders, whatever, 1 column for every field that I am interested in. This way, I can sort the entries any way I want. Instead of Excel, you can use Word or Notepad. If I still want more security, I can encript the file with winrar or similar software. This way I only need to remember 1 or 2 passwords and leave the file on my desktop. Then I store a backup somewhere else, like, on another PC, laptop, flash drive, external drive, you get the idea. If I also want to access the password file anywhere in the world, I upload a copy of the password file to some cloud, like google drive, onedrive, mega, rapidgator, nitroflare, ...
Yep, that's exactly what I do, too. I just put the passwords and related info in a Word document, then encrypt it using 7zip and save it on my computer. And for remote access if i ever need it, I emailed a copy of the encrypted doc to myself.
As you say, I use a password manager, cryptic password are REALLY hard to type and not get you locked out of an account as you either got it wrong too many times, or it timed out. However, when it comes to my 90 year old aunt, I really hope she has written them down on paper, otherwise I'm going to be in a real pickle when she asks for help. Her using another program (password manager), please no - that's from experience supporting her. If I did I'd get called for a visit, "So where is XXX password", It's in that thing you put there the other day, "So what's the password managers password ?", I don't know, it's in that thing you put there - I did what was suggested and put them all in there, and now I cannot pay my power bill. As for someone else seeing her paper password list on her desk, that is the least of her problems, the main one is she now has an intruder in her house, forget the computer, get out of there, call the police.
Sorry, I will continue to use my easy to remember and type passwords so that I don't have to reset them every time I use a web site that I only access once or twice/year. Also, I keep them all in an alphabetized address book in my home office desk drawer. I have both mine and my husband's in there so if one of us should pass away--we would have access to everything we need.
If you rely on a written list of passwords, and that piece of paper disappears, then you are screwed (or do you have a copy of that written list somewhere else?). Someone in your office decides to stick it to you, and takes your list. Your dog eats it. You are burglarized. You get a new computer, and you are locked out of all of your sites. Perhaps you can use their "Forgot Password" feature, and cross your fingers. Most password managers are easy to use, and you can save a copy of your password database on a separate drive. You can even keep a copy of your password database with a cloud storage service. If you have a strong master password, that remote copy of your password database is useless to anyone other than you. And having a copy, elsewhere, will get you out of a world of trouble if your storage drive fails, and it had your password database. Or if you are burglarized, etc. Use a password manager. Use a strong master password. Make a copy of your password database, and keep that copy in a different room (or with a neighbor or friend or cloud service). You can purchase a 1GB flash drive for under $1. It will easily hold your password database (which will likely be ~5MB or smaller).
HI, thank you for the video. Do you have a secured Back up of your passwords (digital or printed) in the case Password manager service is for some reason down or unavailable? and if you do and it's digital do you encrypt it as well?
Nordpass, Bitwarden, Zoho Vault, Keepass (or KeepassXC), ProtonPass, and Synology C2 all have free options with unlimited login entries across all of your devices. Out of these, I find Bitwarden and Zoho Vault to have some of the best browser extensions with user-triggered auto-fill. I personally haven't tried Proton or Synology, because I'm quite happy paying $10/yr for Bitwarden. I have tried Nordpass, 1Password, Bitwarden, Zoho Vault, KeepassXC, and Roboform. I definitely wouldn't use LastPass.
Keepass or KeepassXC. (I've always used KeepassXC, but I presume Keepass is also unlimited.) Keepass is only for windows, iirc. If you're not on windwos you'll need KeepassXC.
Regular .txt or .docx files are generally not encrypted, so anyone who has access to your flash drive has access to your login information. If you are going to do something like this, I'd recommend using a Keepass database file (.kdbx). You then have searchability, hierarchical organization of entries, easy copy/paste, the ability to link a browser extension, and the database is encrypted using a password, a password+keyfile, or password+Yubikey combination. It's then trivial to copy the file anywhere you like as a backup. Keepass and KeepassXC are pretty light applications, so you won't need to be concerned with them using too many computer resources just to manage your login information. The caveat is you will need to construct an easy-to-remember (or easy-to-reconstruct) password or passphrase that you can readily type in when you open the database. If you don't know how, Leo has an article and video on this very topic. I have a few methods of my own, as well.
Well browsers password manger not so bad like the one on the macs and iPhone pretty good its also windows cross platform it can be locked as well its a lot safer than hum hum last o pass data hack
Hi there, is it possible to recover my youtube back after I've accidentally deleted my Gmail & I can't recover it because I totally forgotten my email & password
So you deleted your GOOGLE account, which is both your RUclips account and your Gmail account. All you can do is try the account recovery process. I'd start you here: askleo.com/access-gmail-without-phone-verification/ but be sure to try ALL the options, including google recovery at the end.
Leo! Writing Down Passwords. Consider this. Husband and Wife where the Husband is the sole user of the computer and the Wife has little or no knowledge of using PC’s. He has created accounts on the internet for his Banking, Share Trading, Email, -- You get the idea! He passes away and the wife or the Executor of his Estate is left stuck trying to sort out all the on-line accounts. The can’t find the passwords or even the user names of the on-line accounts in order to close them or transfer funds in those accounts to the wife’s account. In this case writing down complete information about on-line accounts is very important. Type up the information, print it out, attach it to your Will and delete the file from the pc.
I write down on my personal book using pencil so that I can keep erasing for entering new passwords and I feel safe no one can see my book. Using password manager hackers can hack.
I use both Bitwarden and KeepassXC. The latter is not connected to the internet at all, it is stored on a flash drive. If the firm should go bust, I will still have all my passwords safe and secure. It will not go obsolete, I always check for updates.@@MarcusCactus
Disagree. But it depends on discipline. There are more thieves on the internet than there are in my house. More likelihood of having so-called secure data hacked than my coded, written down passwords accessed and decoded. For most websites the security of the password is pretty irrelevant, who cares if someone hacks your BBC online account? Others are critical, such as bank accounts. Two stage authentication is then a must.
If you use a password manager, you can save your password database (probably a single, small file) to another storage device (such as a USB drive). Since you have no power, you might use some other computer, in a different location, that has power. So you take your USB drive with you, and you have your password database available to use on that other computer. But you have to trust that other computer, if you are going to load and unlock your password database on that other computer.
You may have a mobile device (battery powered) available, and need to remember certain passwords on your own even if means without password manager. Maybe you could run a password manager on the mobile devices too.
Your criticism simply does not apply to me on all counts. My passwords are random and complex. This is inconvenient but I do it anyway. Password managers can be hacked. A piece of paper cannot be hacked on the internet!!
@@askleonotenboom I would, in most cases, have time to create new passwords if they were forcibly robbed from me at gun point, or if I lost the paper. Without explaining here, I have hiding places that are simple for me (giving me quick access to them) but which no burglar would find (you would agree if I explained). This is much more secure than anything online.
Well, I'll argue this. Keep in mind the targeted audience of AARP. Old folks. For that demographic, this is probably the best and most reasonable advice - for them.
To be clear, I'M IN THEIR AUIDIENCE. (They start grabbing people at their 50th birthday, so perhaps younger than you think.) This simply reinforces the stereotype that "old" (whatever definition you use) people are incapable. That's simply NOT TRUE.
@@askleonotenboom Agreed on that. I was also a little disappointed with AARP's approach. They really didn't even bring up the idea of using a password manager, but just went straight to the "write your passwords down" solution. Instead of talking down to their intended audience like they're clueless and helpless because they're older, they could have done a well-written segment educating readers on the basics of password managers. They fumbled the ball on that one. As for "old folks", I'm a 68+ retired sysadmin and I've seen my share of people of ALL ages with sticky notes on their monitors with passwords for all to see, and I'll attest to the fact that age is irrelevant when it comes to following best practices (or failing to).
That's a strange and persisent fallacy. The internet is not new. The 'information superhighway' went mainstream in 1995, the same year Windows 95 turned PCs into home appliances. The IBM PC came out in 1981. I figure you'd have had to be retired in 1990 to not ever had to use a computer at work, which would make you 98 years old today.
I have over 200 passwords in a book. sounds bad but it is in code, they are basically password reminders. when you have so many passwords you need to know what password is for what account/site. you cant rely on browser or third party vender's to remember your passwords.
My password list is a list of clues that only I know. I moved around a lot as a child. Example( Hint Ages 10,14) means the addresses I was at when those ages. Example 53imaginaryroad125madeuplane. Hint first 2 records. Hint name and address of 1st girlfriend. etc:
My thoughts on why some bad advice is very bad advice.
Thankyou Leo. I'd also be interested in your thoughts on securing single-use recovery codes.
@@MichaelJessen That's a good topic. What I do is save them to a file (plain text) in a Cryptomator-encrypted folder. That allows them to be backed up, and accessible as and where needed. The "traditional" approach is to print them out and put them in a safe location. In theory that works, but people often lose them, and have a less-than-appropriate definition of "safe place".
so what is the best way for somone just getting dimentia to manage passwords
@@mrmifflin I'd involve a trusted friend or family member to do it for them. But with a password vault they need only remember one thing. (And I'll absolutely admit there's no simple solution to this scenario.)
I use a spreadsheet thats password protected. Your thouths?
I write down passwords. However I do it in braille. Also, I live in the mountains and no one ever comes to my house.
I'm 73 and use a password manager. ALL of my passwords are generated by the PWM and thus are unique 16 random characters. The master key is a longer passphrase. I was relieved to find that you recommended exactly that.
Using the PWM is much easier than looking up and correctly typing long passwords.
Us older seniors write them down, then find a good hiding place. The only problem is, it will never be seen again by anyone
Why hide it? From whom?
Remember E.A.Poe and the Hidden Letter. Easy access but no one thinks it is what it is.
Sir, keep up the good work.
Too many people ignore commons sense and basic cyber security. I use your videos to get the point across.
writing things on paper keeps secrets from your computer
And makes them available to anyone who gets the paper.
@@askleonotenboom ok, so how many people have access to your personal papers? vrs how many can access your digital files?
@@mayamachine Anyone that walks into the house. Only me. (With the exception of an appropriate disaster plan.)
'writing things on paper keeps secrets from your computer' - that was _intended_ to be a joke, right?
Consider that it's probably a very good idea to write down your passwords, including the one to the password manager, so that if something were to happen to you, someone can get into areas for you. I have a list of sites, usernames, and passwords so that if I'm incapacitated someone can act in my stead. Also something to consider... The target audience of AARP are older people who are going to be using a tablet or laptop in their home. They're retired and a password list on paper in their home is only at risk if people break into their home and decide to go through their papers for records (it's more likely jewelry and electronics will be at risk). These people can use a password manager, and the likely result is that because of complex password requirements, they'll write down the password to their password manager and every one of their passwords will be just as insecure as that piece of paper. And yes, I've seen people forget how to get into their password manager because they got a new monitor and it looks different so it confused them. And they then pull out the paper with their password manager password. After a long time of telling people to write down their password, and then telling them not to, I'm not sure either way is better or worse.
Just because someone is retured doesn't mean they're incapable. Yes, preparing for death or other incapacity is important, but need ONLY be the password to a password vault. Then, by definition, everything within the vault is present and up-to-date. I've written/spoken about this here: askleo.com/preparing-for-the-ultimate-disaster/ (video coming in a couple of weeks).
Writing down your passwords is stupid. Don’t do it
@@SnowyRVulpix. Writing unsupported statements is stupid. Don't do it.
I do you one better. convert your password to QR code.
and attach it to one of your favorite shampoo bottle.
thank me later.
@@ChibiKeruchan Then your wife throws away the shampoo bottle because it's empty. I mention this because I can't keep an empty bottle anywhere in the house. My wife will detect it and recycle it. No matter where I try to hide it.
Keeping your written list under lock and key is probably a bad idea, though. As a general rule, it's much easier to hide your valuables in inconspicuous places, than it is to hide a bulky safe or anything with a lock. Especially a piece of paper with passwords. Works better against your family, because they will know all about the safe and the locked drawers, and all those kinds of obvious places, anyway. If you have kids, they can know more than you think. Usually drawers can also be lock-picked with a paper-clip or something.
Works better against your friends as well, because they don't know your house like you do. And if a """"friend"""" is left alone in your home and decides to go through your stuff, there's also a higher chance they'll find a bulky safe than a piece of paper.
Works better with burglars for the same reason. And when it comes to burglars, you also don't want things locked, you want them well hidden. Because locks are completely useless and maybe even dangerous, unless no one's home. If they find the safe, the safe is open, because burglars carry with them the universal keys called knife-to-your-throat or gun-to-your-head, which are also very unhealthy to you.
It's for that reason that I personally feel like having a safe at home is actually rather dangerous. And more so if any of your friends learns about it.
My personal preference is for hidden compartments. The imagination is the limit. A fake electrical plug on a wall, can be a great little nook to hide small things, and absolutely no one will ever suspect it. The safe no one ever suspects to exist, is the best safe you can ever have. There's also furniture with hidden compartments. Many of them aren't that well hidden, so you have to choose very wisely. Some work with magnets, which can be bad if you misplace the magnet (long term, the magnet can also mark the wood, which is bad). The best example that I've ever seen is the _Secret Compartment Box II,_ built by the youtuber Dustin Penner. The hidden drawer is well disguised as part of the lower rim, and the "key" to the drawer is even part of the box itself, in a completely inconspicuous way. Pretty damn brilliant, imo.
You seem to have particularly mean family and "friends"! What about cutting ties loose?
@@MarcusCactus Nothing that I said was referring to my own family or friends.
What if a group manages to hack the password manager. It just sounds like a juicy target.
At least 99% of the passwords I use are for corporate web apps for where I work, and websites for my personal use. The only passwords that don't work in my browser are the ones I need to log into the corporate domain. And the corporate rules for domain passwords are just idiotic. Inadequate length requirements, along with bizarre prescriptions for alpha, numeric and symbols. It's really hard to remember whatever I dream up to meet the requirements, and no, I can't get a password manager to type it in for me; I'm not logged in. To make matters worse, we have to change our insane passwords every three months, whether the network has been compromised or not. So muscle memory and regular memory goes out the window on a three month schedule.
I often think I have dementia because the saved password, written down password agree but when I type it in. it gets rejected. This seems to happen when any company updates a program. If you don't want it written down and others say don't use PW Managers how are to to remember all those special passwords we have to create almost monthly?
Use password managers. I disagree strongly with whoever is telling you not to.
Best solution I've found is to design my own alphabet for most of the letters. Even if someone were to find my notebook, nobody will be able to understand it.
Yesterday my computer wouldn't start until I had logged into Microsoft. It doesn't usually do this, and I don't know why. Any computer-based password "vault" wasn't available to me. Because it's complicated, I certainly can't remember it. Scary, hey?
Or write down mnemonics that only you understand. A password of a password, to generalize. Good luck to anyone trying to decode that.
I used to do that (my wife still does), but I found that I couldn't always decipher my own passwords correctly!
You are right Leo. Everything is so insecure nowadays. Storms, tornadoes, fire etc can cause you to lose things.
I use keypass with a key file and secure master password. All other passwords have a "system" that I use to create that is easy, for me, to remember.
I use a password-manager since 3 years for daily use and changed to more complex passwords since then. Besides that, I have a well hidden paper-notebook to backup passwords non-digital and offline. My passwords are created by a password-generator (minimum 16 characters, letters capitalized and non-capitalized, numbers and additional characters). I copy them temporarily in a text-editor and sometimes edit them further more, to print them afterwards glue the printout into my paper-notebook. The notebook itself is well hidden (at first I needed several hours to find it by myself). I have a fake paper-notebook hidden not so well.
One of the problems with something like LastPass is that it too frequently fills the wrong password; so I MUST either use my brain's memory to put in the correct one, or I need to look for the correct password in Vault. And then still type in the needed password. But in general fairly short password choices with a few bits of complexity ARE my practices. As for actually physically writing my passwords,.... that is tricky. I avoid stating my actual practice here.
Google recently improved the password manager in Chrome I believe, but prior to that it was incredibly vulnerable.
So long as you were logged into Chrome - and, let's face it, most people configure it to auto-login on start up - all you had to do was call up the password management page, find the relevant website on the list and click on the show password icon. They seem to have changed that recently, as it now requires me to input my Window's password, though that seemed to start around the time I invested in MS Office, so I'm not sure whether the two events were related. In any case, I don't store anything important like banking passwords in Chrome, but I bet there are some that happily do.
Just a thought - how about storing passwords on in an encrypted document?
Not an universal advice! Depends on the individual.
I, for example, live alone - no peek possible.
If and when I die or am incapacitated (Alzheimer, hospital), nobody knows my practical details. So there is a cardboard file, prominently visible, labeled "In case of decease", which records everything necessary: not only passwords but also the financial accounts I have, the medical data, the websites I have an account with but also realworld associations I am a member or user, the phone and bank card and ID codes, whatever. Along with the list of people to inform.
For things "For my eyes only" I have created a selfmade "alphabet".
I am also a bit paranoid. Each website or app must store your password, and I don't trust their personnel or hacking vulnerability. That's one password at a time. Instead, the password manager people can access all your passwords in one go! Brrr! Frightening.
And then, I use various machines to access the internet: a desktop, a laptop, a iPad tablet and a smartphone. Password management differs, and I don't want to multiply the copies of my passwords list.
This is what I do. I use Excel and save the file with a password. I use lines for different entries and I use columns to write down the type ot entry (emails, stores, and so on), addresses, logins, passwords, contacts (like sellers), store type, phone numbers, orders, whatever, 1 column for every field that I am interested in. This way, I can sort the entries any way I want. Instead of Excel, you can use Word or Notepad. If I still want more security, I can encript the file with winrar or similar software. This way I only need to remember 1 or 2 passwords and leave the file on my desktop. Then I store a backup somewhere else, like, on another PC, laptop, flash drive, external drive, you get the idea. If I also want to access the password file anywhere in the world, I upload a copy of the password file to some cloud, like google drive, onedrive, mega, rapidgator, nitroflare, ...
Yep, that's exactly what I do, too. I just put the passwords and related info in a Word document, then encrypt it using 7zip and save it on my computer. And for remote access if i ever need it, I emailed a copy of the encrypted doc to myself.
As you say, I use a password manager, cryptic password are REALLY hard to type and not get you locked out of an account as you either got it wrong too many times, or it timed out.
However, when it comes to my 90 year old aunt, I really hope she has written them down on paper, otherwise I'm going to be in a real pickle when she asks for help. Her using another program (password manager), please no - that's from experience supporting her.
If I did I'd get called for a visit, "So where is XXX password", It's in that thing you put there the other day, "So what's the password managers password ?", I don't know, it's in that thing you put there - I did what was suggested and put them all in there, and now I cannot pay my power bill.
As for someone else seeing her paper password list on her desk, that is the least of her problems, the main one is she now has an intruder in her house, forget the computer, get out of there, call the police.
Sorry, I will continue to use my easy to remember and type passwords so that I don't have to reset them every time I use a web site that I only access once or twice/year. Also, I keep them all in an alphabetized address book in my home office desk drawer. I have both mine and my husband's in there so if one of us should pass away--we would have access to everything we need.
The password managers do not hold the pwds for the main programs like Google, apple, microsoft. Why
They do for me. And even if they don't auto fill, you can copy paste.
If you rely on a written list of passwords, and that piece of paper disappears, then you are screwed (or do you have a copy of that written list somewhere else?).
Someone in your office decides to stick it to you, and takes your list.
Your dog eats it.
You are burglarized. You get a new computer, and you are locked out of all of your sites. Perhaps you can use their "Forgot Password" feature, and cross your fingers.
Most password managers are easy to use, and you can save a copy of your password database on a separate drive. You can even keep a copy of your password database with a cloud storage service. If you have a strong master password, that remote copy of your password database is useless to anyone other than you. And having a copy, elsewhere, will get you out of a world of trouble if your storage drive fails, and it had your password database. Or if you are burglarized, etc.
Use a password manager.
Use a strong master password.
Make a copy of your password database, and keep that copy in a different room (or with a neighbor or friend or cloud service). You can purchase a 1GB flash drive for under $1. It will easily hold your password database (which will likely be ~5MB or smaller).
Great. Now I not only don't know what a password manager is, I've got an idea, but don't know which ones are good. LOL
20-30 character password? That's not going on paper, but a in text file haha. Especially ones that expire.
Sure, I printed out my Onepass passwords and taped them to the wall next to my computer.
what if power fails I do write down passwords in a safe place
HI, thank you for the video. Do you have a secured Back up of your passwords (digital or printed) in the case Password manager service is for some reason down or unavailable? and if you do and it's digital do you encrypt it as well?
Yes and yes. I regularly export my 1Password database, and store that encrypted.
Thanks Leo! good one!
Are there free password managers that offer unlimited password storage? If yes, can you make a video on it? Thanks.
Bitwarden?
Nordpass, Bitwarden, Zoho Vault, Keepass (or KeepassXC), ProtonPass, and Synology C2 all have free options with unlimited login entries across all of your devices. Out of these, I find Bitwarden and Zoho Vault to have some of the best browser extensions with user-triggered auto-fill. I personally haven't tried Proton or Synology, because I'm quite happy paying $10/yr for Bitwarden. I have tried Nordpass, 1Password, Bitwarden, Zoho Vault, KeepassXC, and Roboform. I definitely wouldn't use LastPass.
Keepass or KeepassXC. (I've always used KeepassXC, but I presume Keepass is also unlimited.)
Keepass is only for windows, iirc. If you're not on windwos you'll need KeepassXC.
Thanks @@andy_3_913
Bitwarden is great in my experience
or keep it in notepad on a pendrive flash drive is that ok is that safe still
Regular .txt or .docx files are generally not encrypted, so anyone who has access to your flash drive has access to your login information. If you are going to do something like this, I'd recommend using a Keepass database file (.kdbx). You then have searchability, hierarchical organization of entries, easy copy/paste, the ability to link a browser extension, and the database is encrypted using a password, a password+keyfile, or password+Yubikey combination. It's then trivial to copy the file anywhere you like as a backup. Keepass and KeepassXC are pretty light applications, so you won't need to be concerned with them using too many computer resources just to manage your login information.
The caveat is you will need to construct an easy-to-remember (or easy-to-reconstruct) password or passphrase that you can readily type in when you open the database. If you don't know how, Leo has an article and video on this very topic. I have a few methods of my own, as well.
A most interesting suggestion made!
It's safe if you encrypt the file, but otherwise, no, it's not safe if anyone who gets access to the flash drive can just open the file.
Well browsers password manger not so bad like the one on the macs and iPhone pretty good its also windows cross platform it can be locked as well its a lot safer than hum hum last o pass data hack
Problem is, passwords be stored in one browser on one device. Maybe a way to use same browser on more than one device?
Hi there, is it possible to recover my youtube back after I've accidentally deleted my Gmail & I can't recover it because I totally forgotten my email & password
So you deleted your GOOGLE account, which is both your RUclips account and your Gmail account. All you can do is try the account recovery process. I'd start you here: askleo.com/access-gmail-without-phone-verification/ but be sure to try ALL the options, including google recovery at the end.
Write them in an archaic alphabet or something.
Leo!
Writing Down Passwords.
Consider this. Husband and Wife where the Husband is the sole user of the computer and the Wife has little or no knowledge of using PC’s.
He has created accounts on the internet for his Banking, Share Trading, Email, -- You get the idea!
He passes away and the wife or the Executor of his Estate is left stuck trying to sort out all the on-line accounts. The can’t find the passwords or even the user names of the on-line accounts in order to close them or transfer funds in those accounts to the wife’s account.
In this case writing down complete information about on-line accounts is very important. Type up the information, print it out, attach it to your Will and delete the file from the pc.
Sounds exactly like my situation. We solve it with a password manager that allows us to share entries. (1Password)
@@askleonotenboom Not a solution when you are living alone. Far'away family. And no friend enough to trust.
I write down on my personal book using pencil so that I can keep erasing for entering new passwords and I feel safe no one can see my book. Using password manager hackers can hack.
Also, if you lose your notepad all of your passwords will be gone. Password managers can't get lost or be destroyed.
But password managers can get hacked.
And password management firms can go bust.
And technology can make your PMsystem obsolete.
I use both Bitwarden and KeepassXC. The latter is not connected to the internet at all, it is stored on a flash drive. If the firm should go bust, I will still have all my passwords safe and secure. It will not go obsolete, I always check for updates.@@MarcusCactus
Disagree. But it depends on discipline. There are more thieves on the internet than there are in my house. More likelihood of having so-called secure data hacked than my coded, written down passwords accessed and decoded. For most websites the security of the password is pretty irrelevant, who cares if someone hacks your BBC online account? Others are critical, such as bank accounts. Two stage authentication is then a must.
what if power fails and you cant get at anything??
Well, then you won't be signing in to anything, will you? :-)
If you use a password manager, you can save your password database (probably a single, small file) to another storage device (such as a USB drive).
Since you have no power, you might use some other computer, in a different location, that has power. So you take your USB drive with you, and you have your password database available to use on that other computer.
But you have to trust that other computer, if you are going to load and unlock your password database on that other computer.
You may have a mobile device (battery powered) available, and need to remember certain passwords on your own even if means without password manager. Maybe you could run a password manager on the mobile devices too.
Your criticism simply does not apply to me on all counts. My passwords are random and complex. This is inconvenient but I do it anyway. Password managers can be hacked. A piece of paper cannot be hacked on the internet!!
But it can be lost or stolen at home.
@@askleonotenboom I would, in most cases, have time to create new passwords if they were forcibly robbed from me at gun point, or if I lost the paper. Without explaining here, I have hiding places that are simple for me (giving me quick access to them) but which no burglar would find (you would agree if I explained). This is much more secure than anything online.
Well, I'll argue this.
Keep in mind the targeted audience of AARP.
Old folks.
For that demographic, this is probably the best and most reasonable advice - for them.
To be clear, I'M IN THEIR AUIDIENCE. (They start grabbing people at their 50th birthday, so perhaps younger than you think.) This simply reinforces the stereotype that "old" (whatever definition you use) people are incapable. That's simply NOT TRUE.
@@askleonotenboom Agreed on that. I was also a little disappointed with AARP's approach. They really didn't even bring up the idea of using a password manager, but just went straight to the "write your passwords down" solution. Instead of talking down to their intended audience like they're clueless and helpless because they're older, they could have done a well-written segment educating readers on the basics of password managers. They fumbled the ball on that one. As for "old folks", I'm a 68+ retired sysadmin and I've seen my share of people of ALL ages with sticky notes on their monitors with passwords for all to see, and I'll attest to the fact that age is irrelevant when it comes to following best practices (or failing to).
That's a strange and persisent fallacy. The internet is not new. The 'information superhighway' went mainstream in 1995, the same year Windows 95 turned PCs into home appliances. The IBM PC came out in 1981. I figure you'd have had to be retired in 1990 to not ever had to use a computer at work, which would make you 98 years old today.
@@user-iy6rm6pm4j Interestingly enough I've been exchanging email with a gentleman who's TEACHING tech. He's 100. 👍🏻👍🏻
@@askleonotenboom, I have known a few old people. Some of them are INCAPABLE. Stubborn; not understand; confused.
AARP... I'm 69 and counting, haven't fallen for any of their suggestion.
I have over 200 passwords in a book. sounds bad but it is in code, they are basically password reminders. when you have so many passwords you need to know what password is for what account/site. you cant rely on browser or third party vender's to remember your passwords.
hi leo
nice hairdo
My password list is a list of clues that only I know. I moved around a lot as a child. Example( Hint Ages 10,14) means the addresses I was at when those ages. Example 53imaginaryroad125madeuplane. Hint first 2 records. Hint name and address of 1st girlfriend. etc: