"This sponsor is going to pay for them" - The most honest ad transition ever (Respect)

Today i gave company email credentials to a new employee with note please remeber your password and put it somewhere safe. 10 minutes later i found post it note with the password sticked under monitor.

As a non-tech person, I appreciated the simple explanation of what the password manager is and why using one is important, without a product pitch for a particular one. (although I will probably look at your other videos for recommendations!) Thanks

For anyone looking in the comments for a password manager, I highly recommend Bitwarden. It's opensource and has recently passed a 3rd party security audit. You can choose to use their cloud servers, or host your own server to control all of the data yourself. While having all the core features you'd expect from any other password manager.

Did anyone else catch the PEN15CLUB at 2:00 😂

5:07 that segway was the smoothest one yet

Are we not gonna talk about the hidden joke in the passwords for the local drive "pen15club"

My password is "incorrect" so that everytime I forget it, the website or my computer will remind me that "your password is incorrect".

How Do Techquicke Works!

>Makes a video about password managers. >Doesn't get password manager to sponsor video

Name 130 Pokemon eh? Challenge accepted! Also, screw you, Magikarp ROCKS.

Thanks for the tip! Ordered two Password Minders for me and one for each my family members!

Dennis's sekrit evaluation is the best one.

This was less “How do password managers work” and more a how to on how to use password managers to your advantage which I already know. Disappointed. Not the detail that I’ve come to expect from tech quickie.

Jon's and Dennis' sekrit evaluations are so true

I use KeePass, unlock it with a key file + master password and keep all the required files on a private cloud hosted on a raspberry pi (nextcloud). This way I can use it from anywhere and keep backups with the desktop client that automatically syncs the database. Then, for the browser, I've installed a plugin that connects to the database that autofills the passwords on the sites and for extreme conditions keep copies of the 5 most recent changes done on the database.

What i prefer: Using KeePass on my PC, syncing it via my NAS to my phone and Laptop and doing regular backups on a USB Stick :) And if you have no NAS you could store it on an USB Stick or use a cloud service to save your database :)

The best way to make a master password: slam your hands on the keyboard and remember that over time.

Thanks for the video!

Was lowkey expecting an ad related to password management

!!!!PRO TIP: When using a cloud-based Password Managers like Last Pass, Register it under a separate or single-use Email. NOT YOU PUBLIC OR REGULAR USED EMAIL!!!!! This won't stop you from being hacked, but it will make it a magnitude more difficult for someone else to get into your Password Manager account. Been with Last Pass for 2-3 years and couldn't be happier.

Protip: Use two password managers, and store the master password for each password manager on the other one. Then you don't need to remember any passwords!

Nice hunter2 reference.

I have my passwords written down in two little notebooks: one has the account names and user IDs with a number, and each number is connected to a password written on the other notebook. I never keep them in the same place, and always in my home. I also wrote them all down in a Word document, which I then put in an encrypted archive which I uploaded on the cloud, just in case something were to happen to the notebooks. I wrote down the password to the archive and the password to the cloud storage account in a safe, hidden place, but have them memorized by now. Hack that.

0:20 - EVERY DAY in Linus' secret work room!

"My password is 1-2-3--4-5. Its the same one I use for my luggage!" - President Skroob

Just use KeePass and store the database on a cloud service like DropBox. There are KeePass clients available for nearly every device which allow you to then access the database from the cloud service of your choice and thereby changes you make on one devices will synced to your other devices as well. This solution not only solves the risk of losing your database but also is the only solution to anyone who wants to be 100% sure his passwords are stored encrypted (most other online password managers are not open source).

KeePass can store passwords in your own cloud or on clouds like Google drive

The best password is usually a passphrase of 16 to 32 characters, letters, and symbols if it supported. Also write it down or print it and hide it somewhere in your home. like under the bed frame or sometimes inside your PC case or on an SSD or hard drive (outside). being creative where you put it mostly.

I think I speak for everyone when I say that we want the uncut footage of Linus guessing Pokémon names

If the password manager generates a psuedo random password for you, I'm assuming that means random characters, wouldn't that make it easy for somebody else to brute-force it? Where the most safe passwords are a combination of full words and numbers, which are hard to make an algorithm for, while making sure your chosen words and numbers can't be reverse engineered based on your personal information.

So it whould be nice if you could make a comparison video. And also a cloud vs local :)

"speaking of employees, ... this sponser is gonna pay for them. squarespace is the free...." best ad intro yet :P

if you use keepass and store it on your one drive or another cloud storage service that keeps files updated at any change, than its pretty much like a cloud solution, since the latest versions of keepass will be able to update keeping the latest version available even when you're using in two different computers at the same time. The only disadvantage of keepass is that you won't have the auto fill feature, ever since it is not a web browser based solution.

The video does NOT talk about what the title of the video said. There's very little information for a 6 minute video anyway, and then it isn't even the information I was promised.

On the topic of passwords... we managed to figure out the best way to create passwords so that they are hard for humans to remember, but relatively easy for computers to break. Numbers, special symbols or capital letters dont do shit. Somebody trying to break your password will have to go through these permutations anyways, for the sole reason that they are possible. A password like Tr0ub4dor&3 is over-average save with 11 characters, but still only has an entropy of ~28 bits (according to a security paper) and is hard to remember for our human brains. A password like correct_horse_battery_staple (4 common words that have nothing to do with each other) has an entropy of ~44 bits, but is way easier to remember once you have a specific image in your head. For a web-based attack with only 1000 "guesses" a second, the difference in time needed to break these two passwords is insane; ~3 days vs ~550 years. Even tho, if it's an offline-based attack neither of them wont last very long.

Bitwarden FTW

If people decide to physically write down passwords on something they need to be destroyed properly (such as with a paper shredder) before being thrown away. This is particularly common around the new year when people search for calendars in dumpeters.

Watching Linus list off Pokemon... HAHA! This is great.

I use Dashlane and I love it!!

I saw a lastpass ad with techquickie in it and thought it was the video lmao

You missed a very viable alternative to regular cloud/local password managers. Stateless password managers (such as masterpassword.app) don' t require storage of any kind, just memory of a master password and a name or string. This, in my opionion, is much more preferrable to proprietary password managing solutions as it does not require trusting a company with access to every online service that you signed up for on the internet.

You guys should make a video about Google's own password manager. Its so convenient it makes me rethink using lastpass which is not so native on android as Google's (doesn't load on every site or app for example)

10/10 would watch a CSF where Linus names as many pokemon as he can.

i use lastpass and ever since i got it it has made my life so much easier

What if you go on a different pc everytime at work or library or whatever? You have to sign into the password manager then go to the site. I'll just use a password based on the website so each password is different but easy to remember.

They should do a video of Linus trying to name the pokemon, I'd watch it.

Lmao the Pokémon bit! Subscribed just for that

I want a video just of Linus listing all the Pokemon that he knows

Keepass stored on my own server with enough encrypted backups. Can access them on all devices with ease. If they can even get a hold of the datafile, they still have to decrypt it.

They work by storing all your passwords in one place, so that if they ever get hacked, you are completely screwed.

The video uses sha-256 as "encryption"... Password managers definitely do not use Hashalgorithms to store the passwords, since they have to access the unecrypted passwords which can not be recovered from hashes. Most password managers probably use a secure symetric encryption method where the key is derived from the master password.

I prefer password generator, something like LessPass... It does not store anything and you can use it offline... It takes the website/service name, the email/username and a master password to generate a password... And the best part is that it is open source!

Linus pronounces Pokemon right! Well done...

really nice video .does using kms auto to activate windows compromise our privacy???

Others: But if someone hacks your password manager, they get all your passwords Me: But if you use the same password everywhere, the same thing happens.

Its been pointed out that one should not think of passwrods as WORDS, but as pass phrases, or pass sentences. This way you will end up with a much longer, and therefore stronger password, which still is possible to remember ;)

with Yoti password manager i only need to remember 5 digits pin to login into the app, or a fingerprint if phone supports.

Tell me which cloud password manager is safe to use and recommended please.

LTT Employee: "alright Linus time for another techquickie video so make it quick!" Linus"got it!" Linus *Starts listing Pokemon* 🙄

Having an algorithm on your mind that you devised for each password that depends on the websites you have an account on would be the best choice.

Linus please make a video on the theme what happens if Gmail doesn't exist or absurdly its data got wiped out

that was a good segway, ill give you that, linus!

but linus wouldn't you need to change the master password to ensure more security.? i often get confused on which one i am currently using and which one i used in past. :(

3:14 urgh, yeah, i guess that's a valid example, but only if that particular user uses ONE single password on multiple (all?) plartforms. Ok, ok, you actually demonstrated / narrated (visually) that particular threat model quite well.

So teckquickie should be quick like not the long pokémon intro thing just saying I'm watching this on my lunch break and time is important

Watch half way and I was thinking : is Lastpass sponsor this or I just watch 5 minutes ad when I always skip 5 sec ad from youtube?

Literally the perfect sponsored video for LastPass

May I make a recommendation? Those of us who are already confused by password management get frustrated and lost by whatever this Pokey Mon stuff is. You waste valuable time by seeing how many of whatever it is you can forget? Come inside my head and wonder why your keys are in the refrigerator. Helpful video overall, but the cutesy stuff, I think, is aimed at your contemporaries who already know how TF password managers work.

Remembering a strong master password isn't difficult at all. A good master password will be at least 3 to several more unrelated (and also no inspiration taken from your desk) words with a space in between. This makes it easy to remember, but, at least for now, difficult for computers to guess. Especially if you create a mnemonic for it. A random word list generator gave me 'subdued mammoth slave stream' rated at '84 bits' of strength according to a few password managers. Which is equally as strong as 6AOjY%R;.NFV.IY which is a 15 character randomly generated password that includes numbers, capital letters, and 'special'. Just remember the 4 words or think "subdued mammoth slave watches twitch stream" or something and presto. Master password. Also also, all my authenticator apps ranging from Google's to Blizzard's have switched over to a button quite a while ago. I haven't had to enter anything for maybe a year now I think. So activate the authenticators people, it's easy and better than none!

I just started to use password manager for the first time ~3 weaks ago. Bitwarden was my choise, since it is opensoure (so wont steal my data), free and has a lot of features. I used the same passwords for almost everywhere with some differencies before, but this is not just much secure, but much easier too. I already memorised my frequently used ones, so I don't have to always log into my Bitwarden account. I recmmend using 2FA too to your more important account btw.

You can also save your Keepass Database in your Dropbox and done! Cloud password manager!

Until you forget your master password during which you had to erase your harddrive and got a new phone number lmao which is me

4:20: Linus has red shirt 5:40: Linus has gray shirt 6:00: Linus has red shirt RIP vessel

I made a password manager myself. Its really easy to make.

Min 5:00 are you saying we should use a separate app for the 2nd-factor ID????

Hey Linus do PBKDF2

I use my email as a password manager. Since email can be used to reset all other passwords, it's the one account you don't want hacked. I send an email to myself with all my passwords and just remember the one.

Don't know why but linus was looking much more sharper in the shots...probably best looking linus yet... 😂

Wouldn’t it be more... fitting to get LastPass to sponsor this video? :D

One of the best segways ever

Just create long and complicated pw, it will be hard to remember at first, but the more you use the more it gets stuck in your brain, so write it down somewhere secure until you don't need it anymore.

The only Problem is: I got my Master Password for LastPass in Germany and I am right now in Canada for the next few months. Fingerprints for the rescue! I’m praying every day that LastPass doesn’t Log me out

Linus can definitely name 130 Pokémon

Well im using local password manager KeePass, and linus i keep a backup using export feature from Keepass which can't b opened without keepass and the master password. I keep it in my sd card and the backup file has 2 encryption level 1st by keePass and second I won't b telling. The best part is that it does not need any updates for security patch

So which password manager does all this?

That feeling when you write all your passwords on a local word document OMEGALUL

"My six digits" :D Mine passwords, even before the password managers were about 20+ digits (any symbols). Now I configured random-generated passwords to be 40+ including all symbols and anything. :D

Hey do a video on how security apps work and the best security apps to download I MEAN FROM GOOGLE PLAY

"Secure" server somewhere... hihi

Since people start throwing buzzwords and products around let's get a little technical. To generate many keys from one you use what's called a key derivation function. When dealing with passwords locally scrypt should be used. It accepts that even your superdupermasterpassword has little entropy(meaning it sucks compared to true uniform randomness) and makes trying out many passwords harder by just needing very very much memory and cputime to compute. They do this by cleverly mixing around blocks and using a cryptographic hash somewhere in the procedure, twice in scrypts case. If you want a cool secure passwordmanager that doesnt store anything anywhere but is still globally syncronized try the site masterpassword(dot)app

Safest way to store passwords is in the brain - Cyber security expert

I write down the passwords on a piece of paper and keep it in my safe next to my gun.

I LOVE lastpass, ive been using it for years, trying to teah old people how to use it is impossible

I find the best way is to write them down in a book. It's safer because it's not digital and not on your PC nor is it in the cloud. If there's a fire it's only a small book you need to grab. And if your house is broken into it's unlikely they will steal a book. It's also a lot more convenient then anything else.

PLEASE DO A VIDEO ON RAPTCHA. I ALWAYS WONDERED HOW THAT STUFF WORKED

My password is converted site name into numerals to hex. Then add my family members birthday in hex. It's different on every site and I can consider as very secure and easy to remember.

BitWarden is what I use. Free, open source, cross platform. Password/Passphrase generator, secure notes.

This is what happens when I start using better passwords >Finally decides I need a strong password >Creates a Strong password >Doesn’t come back to the site for 2 days >Forgets password >Uses forgot password reset link >Sets password to the one use for everything .. well atleast I tried..

And one last thing: don't accidentally stream your password manager tab to the internet, amirite linus