Isn't one obvious attack vector of offline password managers that an attacker would install a key logger or some software pretending to be the master password input dialog to just steal the master password? I mean the big difference between using many different passwords manually instead of automatically via a password manager is that you would loose all your passwords immediately instead of loosing them over time by key logging. So there's a lower chance to notice the attack before maximal damage is already done. I personally do not like relying on software security to store my passwords to be honest. The inconvenience to use my passwords across devices, especially when I'm not on my own device, is also a huge downside. Anyway it's a great video about the topic! Really informative!
As long as you disable automatic autofill, PM are pretty safe, still I would not store core passwords there, since they can be used for password recovery and MFA. P.S.: Keepass used to allow a keyfile, you were not be able to open the database, if you did not have it. Not sure, if it still the case. It provided an ultimate 2FA protection.
it did in back in 2011, so I would hope so, and if it did not NOW, I'd worry about who owns the company. Having to Owner-Check sites and apps is MOST annoying! Zuck you, globalists!
I'd make well sure any password manager gets no usage data access and no special access. And no WiFi control especially Bluetooth scanning use. And yup, clear its cache frequently
@@robbraxmantech so what is better - (1) keeping cookies stored by my plain browser or (2) use just that one password manager extensions and clearing all the cookies automatically wen I close the browser?
UPDATED: janburn007 gave me the answer. he has a sea boat. it's not a rv motorhome. I always wondered, Are you filming in a RV motorhome? because that's what it looks like.
@@TCKRDefense He has previously indicated that he has a home in Los Angeles, but because he is also into sailing, he has a boat, & often uses that to film videos.
It is a lovely yacht. He shows what it is like to do certain tasks. Some videos he has his friends helping out. Very cool guy. His jazz group is cool too. He feels his music.😎
Great video as usual. Yes there are keepass apps in the app store. I use one. A few additional steps I take, some kind of inconvenient, but I'm used to them 1) My keepass db is never online. At least not willingly. Never in dropbox, never emailed, etc. Some automatic backup system may have copied it at some point (iCloud backup for instance, even though I keep that one local too) 2) My db is not even in my computer. Its on a usb drive I plug in when I want to use it. It is backed up several times though. This is actually based on advice from Rob in another video. 3) Not only I use different passwords on each site, but different emails. I just create a new one for each, which means I need to keep two passwords per site. One for the site and one for the email Not a big deal, all is in the db. I used to use protonmail for this, but they have cracked down on this kind of behaviour. 4) Whenever I need to dispose of an old drive where the db used to be, I change all my important passwords. Easy when keepass generates them for me. 5) My master password lives only in my head. It was written to a piece of paper once that my wife has, should the need ever arise. My only reservation about keepass is that it uses the clipboard to transfer the credentials. Although in MacOS you can have it send the creds directly to the browser. I did read a while back about some rogue mobile apps that would constantly monitor the clipboard, hoping to capture some of this. A very easy thing to slip into an app. Just be careful what you install in your phone.
Question. If you don’t use browser extension to fill password info into the site how do you copy it over? 1) copy and paste, not good 2) view then memorize and type in? Thank you :)
Yo, I hated Chat GTP for misdescribing old books, including making up stories about people who reviewed those ancient works. Repulsive to watch the machine rewrite history as a simpler idea.
Actually, with 1password at least in its current form (v7) it is possible to securely distribute the password file between devices without it being stored on any cloud service. 1password does offer online accounts, but also an alternative to temporarily run a WLAN server on the macos version that iOS devices can sync to. I have kept with 1password because it offers this option as I too feel uncomfortable about having a copy of my passwords file in the cloud. Note WLAN doesn’t support sync between multiple macos devices though, so its not a total solution, but it does support other sync options which can address this.
Apparently, the only video of yours that chatGPT has watched was the one in which you mentioned using a password manager. Well, now we know that chatGPT doesn't binge watch videos on RUclips. LOL
KeepassXC has this BIG issue that it is either completely unlocked and then anyone can say export your passwords in open, or alternatively it is locked and you need to enter master password to retrieve each individual password. Even worse, developers do not understand this at all as an issue.
??? That's how it is supposed to work. You don't use KeePass for convenience, you use it for a more secure level of password keeping than online variants. It's basically the same as using an encrypted file, just slightly more convenient.
pay with cash, to get a visa or mastercard cash card, or have someone remote that you trust do the same for you if you want to obfuscate your city or state as well, and/or not appear on camera where you purchase such things
Thanks very much for all that information about password managers. I've been considering for a while now whether I should use a password manager. To date I've been relying on my memory , with what are for me, easy to remember passwords, usually 8 to 15 characters in length. Fortunately I don't have that many passwords to remember, & it hasn't been a problem for me to date.
@Sergi Tsanz So what is the benefit to me of using a password manager, if I don't presently have any problem remembering my passwords for a few different web sites that I regularly use?
@@unmapped89361 Yes, I do have a different password for each account. The passwords are similar in part, though have something which makes each one unique. Some of the older passwords are still 8 or 9 characters - though the more recent passwords are at least 15 characters.
Anything that can be done about the $50 a Year for an email account. Seems a bit Steep. How about Deals for cheaper prices for more than one year if paid upfront.
Isn't one obvious attack vector of offline password managers that an attacker would install a key logger or some software pretending to be the master password input dialog to just steal the master password? I mean the big difference between using many different passwords manually instead of automatically via a password manager is that you would loose all your passwords immediately instead of loosing them over time by key logging. So there's a lower chance to notice the attack before maximal damage is already done.
I personally do not like relying on software security to store my passwords to be honest. The inconvenience to use my passwords across devices, especially when I'm not on my own device, is also a huge downside.
Anyway it's a great video about the topic! Really informative!
Well if you are owned at the os level its just over regardless.
The luxury of “Convenience” is being used to taken advantage of people everywhere. It takes exercising some self discipline to counteract it.
As long as you disable automatic autofill, PM are pretty safe, still I would not store core passwords there, since they can be used for password recovery and MFA.
P.S.: Keepass used to allow a keyfile, you were not be able to open the database, if you did not have it. Not sure, if it still the case. It provided an ultimate 2FA protection.
it did in back in 2011, so I would hope so, and if it did not NOW, I'd worry about who owns the company. Having to Owner-Check sites and apps is MOST annoying! Zuck you, globalists!
Some banks and businesses are limiting us to 8 and 15 characters. I think this is nuts.
fucking bankers and their fucking systems
I'd make well sure any password manager gets no usage data access and no special access. And no WiFi control especially Bluetooth scanning use. And yup, clear its cache frequently
I wonder what do you thinks about Passkey. Could it become a password management standard?
It will be a video.
I write mine on paper in a code that has no pattern and meaning only to me.
I do the same. We are beyond PMs
You don't have extensions. What about bookmarks? Can't they be tracked, too? Or is there something like a "keepass" for bookmarks?
Bookmarks are just fine. Just extensions
@@robbraxmantech so what is better - (1) keeping cookies stored by my plain browser or (2) use just that one password manager extensions and clearing all the cookies automatically wen I close the browser?
UPDATED: janburn007 gave me the answer. he has a sea boat. it's not a rv motorhome.
I always wondered, Are you filming in a RV motorhome? because that's what it looks like.
Rob Braxman has mentioned in some previous videos, that he is filming on his boat.
@@janburn007 ok thank you. i feel bad because i know he has a channel for his sea boat thing. but i never really looked into it.
@@TCKRDefense He has previously indicated that he has a home in Los Angeles, but because he is also into sailing, he has a boat, & often uses that to film videos.
It is a lovely yacht. He shows what it is like to do certain tasks. Some videos he has his friends helping out. Very cool guy. His jazz group is cool too. He feels his music.😎
Interesting 😅 👌 👍
i will never spend more then 50 bucks on a phone. so i am not worried about the mobile issue.
When you say safe the real question is safer then what?
Spaceballs 12345!
I still use my Trusty BlackBerry Password Manager 😁👍🏻😎👊
funny I have 4 letter pages of 12pt font of passwords
regime toadies twit network spent so much time shilling lastpass, funny now.
How about the password manager that comes with your cellphone?
Useful thanks. AI might be a major threat to password managers now that AI is now sitting in every phone monitoring key presses
Great video as usual.
Yes there are keepass apps in the app store. I use one. A few additional steps I take, some kind of inconvenient, but I'm used to them
1) My keepass db is never online. At least not willingly. Never in dropbox, never emailed, etc. Some automatic backup system may have copied it at some point (iCloud backup for instance, even though I keep that one local too)
2) My db is not even in my computer. Its on a usb drive I plug in when I want to use it. It is backed up several times though. This is actually based on advice from Rob in another video.
3) Not only I use different passwords on each site, but different emails. I just create a new one for each, which means I need to keep two passwords per site. One for the site and one for the email Not a big deal, all is in the db. I used to use protonmail for this, but they have cracked down on this kind of behaviour.
4) Whenever I need to dispose of an old drive where the db used to be, I change all my important passwords. Easy when keepass generates them for me.
5) My master password lives only in my head. It was written to a piece of paper once that my wife has, should the need ever arise.
My only reservation about keepass is that it uses the clipboard to transfer the credentials. Although in MacOS you can have it send the creds directly to the browser. I did read a while back about some rogue mobile apps that would constantly monitor the clipboard, hoping to capture some of this. A very easy thing to slip into an app. Just be careful what you install in your phone.
Question. If you don’t use browser extension to fill password info into the site how do you copy it over? 1) copy and paste, not good 2) view then memorize and type in? Thank you :)
I just dont save passwords which have access to my finances.😅
You are like a Farmer
Outstanding In Your Field 😎
farmer with a shotgun.
My password manager is a little black book & a pen.
I use a text file generally but I do also use a completely offline password manager on a Palm PDA, backed up to an SD card and that SD card encrypted.
15 char length pass is no longer sufficient.
Need at 30.
In theory! It's not easy unless you dedicate a botnet.
bitwarden is the standard answer to PC+mobile
Yo, I hated Chat GTP for misdescribing old books, including making up stories about people who reviewed those ancient works. Repulsive to watch the machine rewrite history as a simpler idea.
Actually, with 1password at least in its current form (v7) it is possible to securely distribute the password file between devices without it being stored on any cloud service. 1password does offer online accounts, but also an alternative to temporarily run a WLAN server on the macos version that iOS devices can sync to. I have kept with 1password because it offers this option as I too feel uncomfortable about having a copy of my passwords file in the cloud. Note WLAN doesn’t support sync between multiple macos devices though, so its not a total solution, but it does support other sync options which can address this.
Apparently, the only video of yours that chatGPT has watched was the one in which you mentioned using a password manager.
Well, now we know that chatGPT doesn't binge watch videos on RUclips.
LOL
I heard that it made up a scientific research paper on the fly, and then quoted from it. When it was confronted by its lie, it said: oh sorry.
KeepassXC has this BIG issue that it is either completely unlocked and then anyone can say export your passwords in open, or alternatively it is locked and you need to enter master password to retrieve each individual password.
Even worse, developers do not understand this at all as an issue.
??? That's how it is supposed to work. You don't use KeePass for convenience, you use it for a more secure level of password keeping than online variants. It's basically the same as using an encrypted file, just slightly more convenient.
So....
Did AI trick you into making a video on this topic..
Think about it.
That’s a funny thought. Thanks for suggesting it. Hmmmmmm
I love Keepass.
Local man explains online privacy.
Are you trying to dox him, or yourself, or both?
The best way to remember your password is to write it on a post-it note and stick it on your monitor.
The easiest yes, but definitely not the best unless you are a hermit on an asteroid.
@@NorthernChimp it was a joke
Rob, can you do a video on how safe privacy credit cards are? Is there a way to buy a brax phone & cell service without revealing my identity?
pay with cash, to get a visa or mastercard cash card, or have someone remote that you trust do the same for you if you want to obfuscate your city or state as well, and/or not appear on camera where you purchase such things
How do you increase to AES-512?
Thanks very much for all that information about password managers. I've been considering for a while now whether I should use a password manager. To date I've been relying on my memory , with what are for me, easy to remember passwords, usually 8 to 15 characters in length. Fortunately I don't have that many passwords to remember, & it hasn't been a problem for me to date.
@Sergi Tsanz So what is the benefit to me of using a password manager, if I don't presently have any problem remembering my passwords for a few different web sites that I regularly use?
@@janburn007Do you have a unique password for every account? (BTW: I think around 14 characters should be the minimum length nowadays)
@@unmapped89361 Yes, I do have a different password for each account. The passwords are similar in part, though have something which makes each one unique. Some of the older passwords are still 8 or 9 characters - though the more recent passwords are at least 15 characters.
AFAIK, they are save if they use encryption and your master password isn't 12345. 😉
What about hardware password managers such as Mooltipass? They seem to be more secure in exchange for carrying a device in your pocket.
Always keep a backup of passwords as haD some managers go wrong or get locked out! Thanks for video
sessions may got hijacked on the lastpass breach, too. while the usernames and passwords are encrypted, some of the urls were not.
you're opening is hilarious, and I truly appreciate the humor and influence for this content. :)
Excellent video again!
Very helpful 👍
Thanks Rob.
Hi and thank you for you analysis. What about to use veracrypt?
I just use the password reset option when I get locked out of my account.
They are safe for me because I don't use the zucking things.
Nice summarization. Thanks Rob.
Baries with use case; if not impt, then online okay
one of the best youtubers in this field
"You will be zucked!" LOL
Stop doing 24fps
Nothing is safe, no cloud, no email server, no OS, no password manager ...nothing.
True but some things are safer than others
Chatgbt rob braxman is mark zuckerberg
God Bless
Also using syncthing to sync my keepass on different devices
Yes thank you. Great idea
I simply use a text file that gets password-protected & backed up to a USB thumb drive - no cloud, no additional software installs, no BS
Sounds like KeePass to me
👍
a-mason
but is it free? haha
Anything that can be done about the $50 a Year for an email account. Seems a bit Steep. How about Deals for cheaper prices for more than one year if paid upfront.