Great video as usual. Yes there are keepass apps in the app store. I use one. A few additional steps I take, some kind of inconvenient, but I'm used to them 1) My keepass db is never online. At least not willingly. Never in dropbox, never emailed, etc. Some automatic backup system may have copied it at some point (iCloud backup for instance, even though I keep that one local too) 2) My db is not even in my computer. Its on a usb drive I plug in when I want to use it. It is backed up several times though. This is actually based on advice from Rob in another video. 3) Not only I use different passwords on each site, but different emails. I just create a new one for each, which means I need to keep two passwords per site. One for the site and one for the email Not a big deal, all is in the db. I used to use protonmail for this, but they have cracked down on this kind of behaviour. 4) Whenever I need to dispose of an old drive where the db used to be, I change all my important passwords. Easy when keepass generates them for me. 5) My master password lives only in my head. It was written to a piece of paper once that my wife has, should the need ever arise. My only reservation about keepass is that it uses the clipboard to transfer the credentials. Although in MacOS you can have it send the creds directly to the browser. I did read a while back about some rogue mobile apps that would constantly monitor the clipboard, hoping to capture some of this. A very easy thing to slip into an app. Just be careful what you install in your phone.

The luxury of “Convenience” is being used to taken advantage of people everywhere. It takes exercising some self discipline to counteract it.

Useful thanks. AI might be a major threat to password managers now that AI is now sitting in every phone monitoring key presses

I use a text file generally but I do also use a completely offline password manager on a Palm PDA, backed up to an SD card and that SD card encrypted.

Isn't one obvious attack vector of offline password managers that an attacker would install a key logger or some software pretending to be the master password input dialog to just steal the master password? I mean the big difference between using many different passwords manually instead of automatically via a password manager is that you would loose all your passwords immediately instead of loosing them over time by key logging. So there's a lower chance to notice the attack before maximal damage is already done. I personally do not like relying on software security to store my passwords to be honest. The inconvenience to use my passwords across devices, especially when I'm not on my own device, is also a huge downside. Anyway it's a great video about the topic! Really informative!

You are like a Farmer Outstanding In Your Field 😎

Always keep a backup of passwords as haD some managers go wrong or get locked out! Thanks for video

you're opening is hilarious, and I truly appreciate the humor and influence for this content. :)

Thanks very much for all that information about password managers. I've been considering for a while now whether I should use a password manager. To date I've been relying on my memory , with what are for me, easy to remember passwords, usually 8 to 15 characters in length. Fortunately I don't have that many passwords to remember, & it hasn't been a problem for me to date.

As long as you disable automatic autofill, PM are pretty safe, still I would not store core passwords there, since they can be used for password recovery and MFA. P.S.: Keepass used to allow a keyfile, you were not be able to open the database, if you did not have it. Not sure, if it still the case. It provided an ultimate 2FA protection.

Some banks and businesses are limiting us to 8 and 15 characters. I think this is nuts.

Question. If you don’t use browser extension to fill password info into the site how do you copy it over? 1) copy and paste, not good 2) view then memorize and type in? Thank you :)

one of the best youtubers in this field

bitwarden is the standard answer to PC+mobile

Apparently, the only video of yours that chatGPT has watched was the one in which you mentioned using a password manager. Well, now we know that chatGPT doesn't binge watch videos on KZbin. LOL

Actually, with 1password at least in its current form (v7) it is possible to securely distribute the password file between devices without it being stored on any cloud service. 1password does offer online accounts, but also an alternative to temporarily run a WLAN server on the macos version that iOS devices can sync to. I have kept with 1password because it offers this option as I too feel uncomfortable about having a copy of my passwords file in the cloud. Note WLAN doesn’t support sync between multiple macos devices though, so its not a total solution, but it does support other sync options which can address this.

The best way to remember your password is to write it on a post-it note and stick it on your monitor.

Excellent video again! Very helpful 👍 Thanks Rob.

KeepassXC has this BIG issue that it is either completely unlocked and then anyone can say export your passwords in open, or alternatively it is locked and you need to enter master password to retrieve each individual password. Even worse, developers do not understand this at all as an issue.

I love Keepass.

Rob, can you do a video on how safe privacy credit cards are? Is there a way to buy a brax phone & cell service without revealing my identity?

Nice summarization. Thanks Rob.

I heard that it made up a scientific research paper on the fly, and then quoted from it. When it was confronted by its lie, it said: oh sorry.

My password manager is a little black book & a pen.

Local man explains online privacy.

Hi and thank you for you analysis. What about to use veracrypt?

sessions may got hijacked on the lastpass breach, too. while the usernames and passwords are encrypted, some of the urls were not.

I just dont save passwords which have access to my finances.😅

I'd make well sure any password manager gets no usage data access and no special access. And no WiFi control especially Bluetooth scanning use. And yup, clear its cache frequently

What about hardware password managers such as Mooltipass? They seem to be more secure in exchange for carrying a device in your pocket.

I wonder what do you thinks about Passkey. Could it become a password management standard?

15 char length pass is no longer sufficient. Need at 30.

UPDATED: janburn007 gave me the answer. he has a sea boat. it's not a rv motorhome. I always wondered, Are you filming in a RV motorhome? because that's what it looks like.

You don't have extensions. What about bookmarks? Can't they be tracked, too? Or is there something like a "keepass" for bookmarks?

I simply use a text file that gets password-protected & backed up to a USB thumb drive - no cloud, no additional software installs, no BS

How do you increase to AES-512?

Also using syncthing to sync my keepass on different devices

I still use my Trusty BlackBerry Password Manager 😁👍🏻😎👊

I write mine on paper in a code that has no pattern and meaning only to me.

Yo, I hated Chat GTP for misdescribing old books, including making up stories about people who reviewed those ancient works. Repulsive to watch the machine rewrite history as a simpler idea.

I just use the password reset option when I get locked out of my account.

God Bless

AFAIK, they are save if they use encryption and your master password isn't 12345. 😉

Interesting 😅 👌 👍

i will never spend more then 50 bucks on a phone. so i am not worried about the mobile issue.

Baries with use case; if not impt, then online okay

👍

"You will be zucked!" LOL

When you say safe the real question is safer then what?

Nothing is safe, no cloud, no email server, no OS, no password manager ...nothing.

They are safe for me because I don't use the zucking things.

Spaceballs 12345!

funny I have 4 letter pages of 12pt font of passwords

a-mason

So.... Did AI trick you into making a video on this topic.. Think about it.

Stop doing 24fps

Anything that can be done about the $50 a Year for an email account. Seems a bit Steep. How about Deals for cheaper prices for more than one year if paid upfront.

regime toadies twit network spent so much time shilling lastpass, funny now.

How about the password manager that comes with your cellphone?

Chatgbt rob braxman is mark zuckerberg