Most PRIVATE Password Manager
Рет қаралды 240,004
Күн бұрынUsing a password manager is actually one of the most IMPORTANT things you can do to safeguard your digital life. Password managers are software for generating and storing your passwords for you.
While keeping all passwords in a single vault may seem like a scary prospect for some people, we explain why computer security experts almost unanimously recommend using them.
We also dive into which password managers are best, and how to keep your password vault secure.
00:00 Intro
01:08 Creating better passwords
04:58 Securing your Password Manager
06:44 Choosing a Password Manager
08:55 LastPass
11:21 Bitwarden
12:47 Dashlane
14:48 1Password
16:19 KeepassXC
19:03 Saving passwords in browsers
21:13 Summary
The biggest risk to the average person is reusing passwords across websites, so a password manager is essential in order to both create strong passwords and to help you remember them. They can dramatically help you improve the security of your online accounts and make it easier to manage your login information.
XKDC Comic on Passwords: xkcd.com/936/
EFF Password List: www.eff.org/files/2016/07/18/...
Brought to you by NBTV members: Reuben Yap, Lee Rennie, Sam Ettaro, Will Sandoval, Michael Perklin, and Naomi Brockwell
To support NBTV, visit www.nbtv.media/support
(tax-deductible in the US)
Sign up for the free CryptoBeat newsletter here:
cryptobeat.substack.com/
Beware of scammers, I will never give you a phone number or reach out to you with investment advice. I do not give investment advice.
Visit the NBTV website:
nbtv.media
Watch this video on Odysee!
open.lbry.com/@NaomiBrockwell...
________________________________________________________________________
Here are a bunch of products I like and use. Using these links helps support the channel and future videos!
Recommended Books:
Beginner's Introduction To Privacy - Naomi Brockwell
amzn.to/3WDSfku
Permanent Record - Edward Snowden
amzn.to/305negc
What has the government done to our money - Rothbard
amzn.to/2KMzmcu
Extreme Privacy - Michael Bazzel (The best privacy book I've ever read)
amzn.to/3BLZ1gq
No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State - Glenn Greenwald
amzn.to/2UQmJ4m
Naomi's Privacy Bag: some of my favorite products to help protect your privacy!
Use the Brave browser! brave.com/nao076
USB-C to ethernet adapter:
amzn.to/2lOVBoy
Faraday bag (signal stopping, to protect your fob, credit card, computer, and phone)
amzn.to/3DjIvCP
Data Blocker (if you're charging your phone in an unknown port, use this so that no data is transferred)
amzn.to/2SVh0J2
Computer privacy screen (use your computer in public? Keep your information safe! Choose the size right for your computer)
amzn.to/3F816Sn
Phone privacy screen (don't let people in public see your private data, choose the size for your phone)
Samsung note 10 - amzn.to/3wNtYwb
iPhone XR - amzn.to/3Q8Sq4S
Pixel 6a - amzn.to/3i9dnQz
Camera cover (for computers and phones, so no one can access your camera without you knowing)
amzn.to/3Z1N8Mz
Privacy Tip: Turn off your wifi and bluetooth when you're not using them!!!
@esquire9152 Жыл бұрын
Last year I moved from Avira Password manager to Bitwarden. I really like the simplicity, open source and security of Bitwarden.
@Fian_so 7 ай бұрын
I've found one sticky problem though , and I wonder if anybody can help : Bitwarden shares it's clients IP address with gov agencies !?!😑 Being in jurisdiction that is part of the 5eyes alliance ?
@mynameisdavidwalters 5 ай бұрын
how do you come to this conclusion? Any sources?@@Fian_so
@gsftom 2 ай бұрын
Would be interesting to see a reply to this.
@unholydonuts 2 ай бұрын
@gsftom that would be interesting.
@Felttipfuzzywuzzyflyguy Ай бұрын
@@Fian_soEvidence/references?
@louis-grasset Жыл бұрын
Hey, Dashlane engineer here, awesome video (sincerely, it's valuable and transparent, well done). Side note: Dashlane shut down the Password Changer feature due to maintainability costs and difficulties in scaling websites support over time
@mhzprayer Жыл бұрын
Oh wow thx for this comment..that was truly an eyebrow raiser when she mentioned that. But I guess..it really was too good to be true
@NaomiBrockwellTV Жыл бұрын
Yeah I presume that's why most of these things get deprecated. I noticed they now have support for ios apps that can also be used on macs, is this essentially the same thing as a desktop app?
@davinp Жыл бұрын
Other password managers don't have this convenient feature and this is why they don't have it.
@louis-grasset Жыл бұрын
@@NaomiBrockwellTV True, implementation and support for this technology represent a non negligible cost for a success rate that is currently too low for a paid feature
@clinten3131 10 ай бұрын
Its also not often you need to use this feature so cost vs usage is probably bad. As a Dashlane user for 2 years think it is a great password manager. Also the vpn is decent and nice to have.
@rustyrebar123 Жыл бұрын
This was a seriously well done video with tons of useful information distilled in easy to understand language. Your examples and descriptions of things like rainbow tables and hashing, your overview of the lastpass issues, your description of how to create secure passwords were all spot on and solid from a security point of view, which is rare in videos like this. You could give this video to any level of user and they would come away with a solid understanding of the topics covered. I appreciated your discussion of the pro's and cons of the various password managers and where they might / might not be useful. It is very rare to see such a well done video on these topics. You earned a subscription and $20 donation from me.
@NaomiBrockwellTV Жыл бұрын
Thank you so much!!!! I really appreciate the support!
@victorforzani3433 4 ай бұрын
you must know this person to agree on what ever she have said just for views not that is the only solution.
@rustyrebar123 4 ай бұрын
@@victorforzani3433 I have no idea what you are trying to say. Maybe try with a coherent thought?
@victorforzani3433 4 ай бұрын
@@rustyrebar123 what Im trying to say charlock is that companies are being hack every day, and I would not give my financial information to any company to secured, I rather have if with a pass key that I control how was that, did you get it now do I have to Draw a map for you.. I think you must be a KId not to understand what Im saying., but that is ok we all cant be Genius.
@kidslovesatan34 3 ай бұрын
Your grammar is terrible and your thoughts poorly expressed.@@victorforzani3433
@Nosiu Жыл бұрын
I am a self-hosting nerd and mainly use my own instance of Vaultwarden. That way I am in charge of security, and - even if it's a hassle - have full control. On the other hand, if something leaks or breaks, it's all on me.
@brentpetershere Жыл бұрын
An incredibly digestible explanation of what I know is important to consider, but also of what I had no idea is important to think about. I feel well equipped to now make an informed decision. Thanks a mil!
@xellaz Жыл бұрын
Very well thought and helpful tips regarding security and management of passwords! I've used most of the password managers mentioned here--both the online and offline versions. I have tons of passwords and it was an eventuality for me to end up using one. Thank you for your continued efforts in bringing awareness in cyber security. 👍
@JonDiPietro Жыл бұрын
I've been complaining about LastPass forever because their interface was clunky and they hadn't made any changes in years. Well, they just released a new version and it is not completely and utterly UNUSABLE. Which is fine because it has finally given me the push I need to move to a better solution. This video was helpful so thanks!
@willy7968 Жыл бұрын
which one are you migrating to
@ajbrady4357 Жыл бұрын
Look into 1Password. I know you probably have - but they have great blog posts about their security practices and how they exactly work
@countermeasuresecurityengi9719 8 ай бұрын
proton pass
@midnightsky2895 Жыл бұрын
This is probably the best video to explain password managers and how they work. Great job!
@adam.maqavoy Ай бұрын
Sad part I found out about (Both our Schools and Library) in 2018. You can only write short *Passwords* 90% of the time. And *Our Library's* don't even let you set a password, let alone store anything. But they do allow both CD & USB usage..
@walterxplinge3867 Жыл бұрын
I started using a password manager when I worked in client support for an outsourcing company. Needed to remember (or store) over 250 passwords for access to the various devices and systems which fell under my purview. I felt I needed something secure but with local-only storage of the passwords. Settled on B-folders. Only stored locally, but able to be synchronised over multiple platforms. It generates random passwords which can include upper and lower case characters, numbers and special characters. Storage of the passwords is local only, and synchronisation is manual-only and via local WiFi. Never had any issues with passwords being compromised. Old tech, but seems more secure than putting your passwords in the cloud.
@vernearase3044 Жыл бұрын
1Password also uses both a master password and a secret key, which is a 32 character alphameric key which adds 32^36 levels of entropy in case your vault is every captured. I feel much more comfortable using a memorable master password for my private vault because of the additional entropy afforded by the private key. Of course if your device is stolen and there's no protection on the device, the memorized secret key protection goes out the window.
@yuchoob 7 ай бұрын
Which is why 1Passwords method is, ultimately, flawed. People download the PDF onto their computer and that's it. I much prefer Yubikey. You can have it on your keychain (not with your phone/laptop) and have spares (one at the office, one at a friend's house) without compromising security.
@whulum 5 ай бұрын
Word. Really convenient feature to have for peace of mind
@gariaf Жыл бұрын
I was waiting for this video since the 2FA video you published a couple of months ago. in the meantime, I decided for a PW manager and I'm glad to coincide with your suggestion based on my needs, I guess your previous educational videos worked for me, thanks!
@NaomiBrockwellTV Жыл бұрын
Awesome!!
@2Nu Жыл бұрын
This is sound advice, well thought out and presented. Thank you Naomi for providing this invaluable information to us user plebes. Keep up the good work.. 👏
@martinwalker3088 Жыл бұрын
Finally catching up with you Naomi. It was another incredibly enlightening upload. Just brilliant and thank you once again.
@alexanderkoponen7075 Жыл бұрын
Home run! Such a great video, flawless! I'm sending this to all my friends.
@jimcabezola3051 Жыл бұрын
Another superb video! I’m beginning to understand the differences among password managers. Mahalo.
@iblackfeathers Жыл бұрын
this is an awesome video. thanks for breaking it down so it can be shared to others. one of the best password managers for users at the time with regards to usability, convenience and security out of the box was 1password standalone version. although it is not open source, unlike bitwarden or keepass xc, it didn’t require setting up a dedicated server to sync across local devices. it synced from a primary computer to other devices on the same local network. and you can change primary computers at any time. this limits your surface area of potential attacks by not requiring any cloud or even any always-on local server as a target for attackers. you can simply turn on your computer which devices sync to , unlock it, connect your devices to the same network, and then turn that off when you are done. today this does not seem possible without putting way more extra work and dedicating a server for this function. it’s more steps and stuff you have to deal with when compared to how 1password did it all through software local syncing. since 1password changed business models to force the cloud and a subscription model, the only option now is bitwarden or keepass xc on an encrypted volume for the same usability. keeping it off the cloud requires way more work / effort in setting up a local server in the form of something like nextcloud or other instance. then you can layer it with a docker container, vm, veracrypt or other encrypted volume, etc… the point here is it gets more complex with more in-depth troubleshooting issues because there are far more moving parts. 1password standalone version was like 75% to 90% of the way there for users without further setups. lastly, you didn’t mention strongbox and other various “accessories” but i also see that probably you wanted to keep things clear since it is already a very well done and detailed overview video. perhaps a more advanced part 2 can delve in local db encryption, syncing and storage methods. linux is also a wildcard since there are more unique scenarios. also if the cloud has to be used for whatever reason, like business, there is now proton drive in the mix of other options. and cloud always requires some form of encryption method with a good way to sync them.
@guacfiend Жыл бұрын
Providing a comprehensive review of the most prominent password managers and maintaining consistency is always welcome :D
@skye1212 Жыл бұрын
I left Lastpass for Bitwarden. Also changed my gmail, apple id and bank passwords.
@TheLazyJAK Жыл бұрын
Fantastic video! Every point I could hope for you to cover was well explained.
@89robbied Жыл бұрын
Excelent video! I've been pushing my frineds and family to password managers for the past year. I'm about to give a presentation to my company to push for change as well. I will be adding a lot of the information you gave here. Thank you so much! Aslo, great to hear you on Micheal Bazzels podcast, that was a fun surprise listening on a flight las week.
@NaomiBrockwellTV Жыл бұрын
Awesome to hear!
@gmansi Жыл бұрын
"I'm about to give a presentation to my company to push for change as well" What product do you recommend for your company?
@AmazingPhilippines1 Жыл бұрын
COOL! Appreciate all you and your team does. Always lots of good info!
@TIOLIOfficial 3 ай бұрын
22:15 - Yay, The End Dance!
@FengLengshun Жыл бұрын
Yoo, the xkcd comic actually appeared here. Nice. That's what inspired me to get password manager. Used to use lastpass, then migrated to BitWarden since I heard it's open source. Thank god I did. And it's a nice balance of convenience and security too. We also need more TOTP 2FA in general though. Or at least something more secure than SMS.
@arefmoin814 Жыл бұрын
Great video Naomi. I wish you had spent some more time on the browser extension XSS threat surface and also on mobile apps for these password managers, e.g. KeePassium for KeypassXC and advice on using these stand-alone v/s credentials auto fill. Thanks again.
@muscleweb 11 ай бұрын
I just got word Proton is releasing an open source code password manager. This is the one I’m waiting for. Great video. Thank you!
@nashwanbaxtiar7718 Жыл бұрын
I really love your channel. I do care about privacy and security . I learn alot from you from now on . Thank you
@Joromonni Жыл бұрын
great video naomi! i've been happily using bitwarden for the last 5-6 years.
@JoshuaMichail0 3 ай бұрын
For twenty years I've used passwords that I had to write down on paper. I make sure they're 26 characters, if possible, with numbers, lower case, upper case, and symbols. I also make sure there are no repeated characters, no reused passwords between accounts, and no clues to personal identity information, nor common phrases or media references, included in the password. But, for a long time I've been using a password manager with biometric security coupled with MFA.
@GaryLachance123 Жыл бұрын
Awesome video! Thanks for sharing this essential info so well! 😊🎉
@berndeckenfels Жыл бұрын
BTW 2fa Protection of your vault (download) access is easy but does not help against attacks like stolen vaults (like in the recent breach). Only tokens generating part of the encryption key would help here. Yubikey can do that with the HMAC mode but this requires a local/offline app to do it.
@vanishperish9287 Жыл бұрын
Great episode. These things should be mandatory subjects in school.
@felicitygee381 Жыл бұрын
Loved the dance and the strawberry vest jumper. Info was really clear as well thanks.
@jezzamobile Жыл бұрын
EXCELLENT Video & channel! Most helpful. Thankyou 😊
@bpresgrove Жыл бұрын
Great stuff as always. I had to smack my forehead after watching this one. We use a password manager at work but I never thought about the home. Guess I'll be investing in one. Took your advice on Libre office and love it so now it's passwords.
@Steliosgiannatos Жыл бұрын
I personally use the original keepass, I find the use of complex triggers really helpful, but I have also used keepass xc in the past and is a really polished open source password manager that I definitely recommend !
@sebastiangonzales46 Жыл бұрын
same i use it with otp it works flawlessly
@Steliosgiannatos Жыл бұрын
@@sebastiangonzales46 yes best thing ever writing the whole thing!
@Steliosgiannatos Жыл бұрын
@@Hrubicundus keepass has something called triggers, you can find out more in the official website. You can do complex stuff or even simple quality of life stuff. For example I have a database for my personal passwords and one with all the subscriptions of my family ie. Netflix in a common database. With a trigger you can open the database automatically with a reference to a specific entry in the database (so the password of the database you try to open is not hardcoded into the trigger) or you can import whole databases into one for organizations or you can make it so that a file is saved on your PC and then automates moved to your Google drive Dropbox etc by the trigger. So you won’t have sync issues. The possibilities are many and there are a lot of stuff you can do. Also I failed to mention the plug-ins support !
@la3135 Жыл бұрын
@@Steliosgiannatos A trigger is a nice feature. Just checked the documentation, however it's not available on KeepassXC on MacOs. This trigger feature is massive and i would like to use it. Any ideas for users on MacOS? Other clients?
@user-tp5yb4hr4w Жыл бұрын
i have been using what MacAfee used before he passed away. that man took all his secrets to the grave.
@nathanhallisey441 Жыл бұрын
Been using dashlane for a few years. Works good enough for me. I might change to bit warden when my subscription runs out.
@nully.emptier Жыл бұрын
Great video... I recommend open-source BitWarden which can be self-hosted on own VPS protected with own open-source VPN
@drickzee Жыл бұрын
It's the dance at the end for me. Haha Great content, as always!
@richardblais7445 6 ай бұрын
wow,i love your video !!!! thanks for the advice.very very interesting. im a new fan 👍👍👍
@amt_achrya Жыл бұрын
Just the video is was waiting for, thanks for the video
@gsftom 2 ай бұрын
This is a great video. Thanks for sharing what you know with others. I love you what you do and share.
@jan6963 Жыл бұрын
Thank you for your videos and the work behind them. Thanks to these videos, I am almost completely away from Apple, Google and co. Keep up your great work.
@chalion8399 Жыл бұрын
Good info. I also agree 2fa is needed too, as a (minimum) secondary layer of defense, but with family members, getting them to keep using it is problematic. I'm a bit of a paranoid about password security, so mine is a bit different than most users.
@BillAnt 8 ай бұрын
The problem with 2FA especially via SMS is the inconvenience of having to type a bunch of codes every time you log in. Also 2FA by SMS is vulnerable to SIM swapping and SS7 signaling. Using a 2FA app may not work if the phone loses cellular connection, gets lost, stolen, and also having to type long codes. IMO if one uses a good password manager or even the built-in browser one with long, strong, and unique passwords for each login, that should suffice for the average user. I just don't like password managers or even the browser syncing the password file to the cloud, it's just one more opportunity for hackers, and the bad guys to snoop on it. I would only use an offline password manager like KeePass or the like.
@collectorguy3919 Жыл бұрын
As password manager vaults age, they become less secure as computer science advances. Lastpass did not increase the key derivation iterations for older vaults (it has to be done client-side), and those vaults are exposed now to brute force attack. I'd like to see an automatic vulnerability test & conversion utility, only requiring the users consent for conversion steps. That might be hard to implement across all platforms.
@babybirdhome Жыл бұрын
This right here is a crucial point in evaluating whether to stay with LastPass. I’ve been with them since the very early days, and thankfully I’ve always used a quite long and very secure master password, so although I was stuck with the old configuration for iterations, I’m still more secure than people who used less secure master passwords with the newer settings. But the fact that I’ve been a paying customer for all these years and this breach was the first time I was ever told about the change to the configuration is troubling to me. A browser extension or mobile app update should have popped up an alert telling me about that. Or the popup that shows up for insecure/re-used/breached passwords that pops up when telling it to fill in the login information on a page for the first time would be another good place to tell me that I’m using a no longer recommended critical security setting on my vault. That should have been done across multiple channels to ensure that customers were aware of the issue and the trivially easy fix for it. I have hopes that things will improve now that they’ve split the LastPass portion of the company off onto its own again after LogMeIn acquiring the company years ago, and am hoping this was just a bad timing thing. The nature of this particular breach is less concerning to me, even as a cybersecurity professional than many other breaches are, because they basically used information obtained in the previous and reasonably inconsequential breach to spearphish someone with extraordinary access to get access to the s3 bucket containing people’s encrypted vaults, and people are always the weakest link in any security chain, so that could have happened to any organization (and honestly does happen many times a day, every day). That by itself isn’t evidence of bad security practices, especially when you’re the biggest fish in the sea - just ask Microsoft. But the not telling users in a reliable way about the need to update their vault settings - that one counts, I’m afraid. That was poorly handled and is the primary reason I’m evaluating other options now after over a decade with LastPass.
@madtech2010 Жыл бұрын
Couldn't increasing the password length offset the low key derivation iterations?
@collectorguy3919 Жыл бұрын
@@babybirdhome Has any password manager provided the capability to upgrade (re-encrypt) old vaults under better security parameters? I'm not aware of any. LastPass just happens to be the largest target. Alerting won't do any good if average users are unable to act (if it's too hard), or if LastPass couldn't implement a vault upgrade utility across all platforms. Not excusing LastPass, but this might be non-trivial. Personally, I don't like one 3rd party handling synchronization for everyone. Too many vaults in one juicy target.
@collectorguy3919 Жыл бұрын
@@madtech2010 Assuming you started out with a long random password, yes. If your password was "monkey123" then you can't change the data the adversary already has.
@davinp Жыл бұрын
LastPass also did not encrypt all the data in the valut
@kevinobrien2366 Жыл бұрын
Great video, thanks. Thorough job
@CeeMeeNYC Жыл бұрын
Love your content. Thank you for helping us survive this Privacy/Security Jungle. One question, have you done any research on or have any good suggestions for the best privacy laptops? I use Linux at home and would like to move from my macbook to a linux based Laptop but am unsure about the security implications (broad options and preferences, but wondered if you had done any research on this topic?) Thanks again and keep up the encouraging work
@NaomiBrockwellTV Жыл бұрын
system 76 does a lot to remove intel spying, take a look at their offerings
@willweiss3205 Жыл бұрын
Thanks for the great content and help Naomi
@DudeHomer Жыл бұрын
YOU are brilliant.....you make your presentations in a way where he Average Joe can understand (most of) the content. I am technically-challenged, and don't understand all of it, but I like your style!😁😁😁
@jkhouryns Жыл бұрын
Great video, thanks. What about password managers such as Samsung Pass or Microsoft Authenticator, and some similar ones?
@mhzprayer Жыл бұрын
From browsing your merch I'm now pondering the idea of Dredd Pirate Roberts having a skyscraper headquarters...
@softwelveone Жыл бұрын
Hi Naomi, Tom Sparks (another KZbinr) spoke well of you so I recently started watching your video’s, man he wasn’t kidding, very well informed (and high quality) love your quad9 video and your videos on password managers… I recently ran across this new password manager called STASH PASSWORD (I am not paid by them, I’m just a regular paranoid internet user) I was really impressed by there product (alternative way of password management) but I’ve never seen any main stream KZbinr do a review on them so I’m still up in the air about making the purchase. Would love to see an honest review on them!
@nhgreg 5 ай бұрын
Very informative, thanks!
@DronesTwinkies Жыл бұрын
I like the way you call your passwords manager "Madoffpasswords" classic love all your stuff. 🤣😅 Keep it up Naomi.
@robertwilliam5527 9 ай бұрын
Apparently a sheet of paper is the safest way to store passwords
@mauricioflores3732 2 ай бұрын
Saving yes but creating a strong one not really. AI can easily crack human base passwords 😅
@markrothenberg9867 2 ай бұрын
At work my desktop support staff would routinely find an employee’s computer login and password on a sticky note attached to the underside of the keyboard, in the pencil drawer or worse yet written very small on the corner of the cubicle whiteboard. My employees would destroy the paper or erase the board requiring the employee to change their password-but not their bad habit.
@ogcrypto6022 Жыл бұрын
Great video Natalie
@mintydog06 5 ай бұрын
I followed you on Odysee as soon as I saw your pop up, nice work!
@NaomiBrockwellTV 5 ай бұрын
thanks!!
@JeffRyman69 Жыл бұрын
I use a password manager for web sites that don't involve financial information. For banks, credit cards, etc. I keep long random complicated passwords in an encrypted text file. When I need to log in, I decrypt the file, copy and paste the login information as needed, and then wipe the decrypted file.
@TON-vz3pe 3 ай бұрын
That's the best way to do it. Trusting a password manager with financial site access is so dumb.
@BobJones-dq9mx Жыл бұрын
Thanks for the excellent video!
@OmegaRejectz 20 сағат бұрын
1:23 The good news is that their 2024 table uses Bcrypt hasing rather than MD5 as their sample data. As a result, some of those go from instantly to... not as quickly. Still a great idea to use a password manager.
@CryptoDabber710 11 ай бұрын
I've been using different password managers like Bitwarden, Yoti, and hPass which is from Hacken a trusted Web3 security company founded in 2017. The 3 password managers above are the 3 that I've liked the most out of the different password managers I've used. I have been thinking about moving from a cloud password manager to a self hosted one. I know Bitwarden does have a self hosted option but I also prefer that hPass uses a generated seedphrase like a crypto wallet and is from a Web3 security company.
@Aranimda Жыл бұрын
Recommended password managers are secure until they aren't. LastPass was recommended by Steve Gibson (Security Now!) a long time ago. Recently they did an episode on how it was broken.
@pepeshopping Жыл бұрын
Steve DID have access to the code, but he was a fool by trusting that code access meant good code!
@Ultrajamz Жыл бұрын
@@pepeshoppingthing is steve is one man. Bitwarden is open to every security expert to look at 24/7
@maxbarko8717 Жыл бұрын
I am still using 1Password 6 which offers WiFi sync to iPhones and iPads (even with 1Password 7 on those devices). My local computers synchronize 1Password via NAS. Works great and I don’t have to pay a monthly fee.
@jmtx. Жыл бұрын
Dealing with all the passwords has always been a royal pain. I don't trust any of the password keepers but it looks like things are getting out of hand but least you've got a good list of them here to look into. Thanks for the dance bit as well.
@ajbrady4357 Жыл бұрын
What makes you not trust them? I Personally use 1Password and all of your account information is kept encrypted on their end at all times.
@jmtx. Жыл бұрын
@@ajbrady4357 - Why should I trust any encryption method? Convenience is great but shouldn't lose sight of security.
@rst33079 8 ай бұрын
I really like your videos Naomi!
@tnewdad 10 ай бұрын
I enjoy KeePass - it is one of the only PW managers which can set expiration dates for passwords, as well as advance notification when an expiration is approaching. This was huge for me since I have many websites and databases that require password access - all with different expiration dates and varying lengths of time between resets. Now I get that advance warning and NEVER have a password expire and lock me out! Any inconvenience is far outweighed by this feature alone.
@galaxytrio 3 ай бұрын
Very useful, Naomi.
@cafairchild93 Жыл бұрын
Love the end dance!
@mentaldisease5193 Жыл бұрын
Also, consider crashes and breaks of your browser that forces you to reinstall ist. If you're lucky, the passwords stored in the built-in manager are still there, if not (e.g you decide to apply a clean uninstall and delete all data including configurations etc.), all your passwords are lost forever. Sure, this can happen to your external password-manager too, but honestly, this never happened to me in 20 years of using such software.
@duaneatnofroth Жыл бұрын
Hi Naomi! I love your content. I have a question about the fundraiser summaries that come with each video: Are they cumulative or per video?
@NaomiBrockwellTV Жыл бұрын
Per video. Each of our videos costs many thousands total to make, and we receive a small amount of donations on KZbin to help offset that
@duaneatnofroth Жыл бұрын
@@NaomiBrockwellTV Thank you for clarifying. I've always appreciated the transparency with which you operate!
@Master-ng9uj 11 ай бұрын
Haven't watched yet (I will) but just wanted to know if you have any thoughts on Keeper? I did a bit of homework when I signed up just under a year ago, and it seemed to be a solid choice, but I find it's now missing from a lot of reviews (including this one) so am wondering if I ought to try another instead of renewing?
@GarryGrowns Жыл бұрын
Great video. Super content, very well presented. New follower here
@NaomiBrockwellTV Жыл бұрын
Welcome!
@kead6636 Жыл бұрын
Hi Naomi, with the announcement of Proton Pass. Do you think it would be worth considering as a password manager? Would it be as secure as the ones you mentioned here? Or would it be putting too many eggs in one basket?
@blogcorpo 3 ай бұрын
Great video! ♥♥♥
@Jackalleyway Жыл бұрын
Love the dance at the end! 😄
@NaomiBrockwellTV Жыл бұрын
Yay you made it!!!
@tomofedek7613 Ай бұрын
When we talk about passwords to like, one password to unlock all your authentication passwords, the password there that were usually talking about, is a secret string of letters and numbers and whatever else that will decrypt your other passwords. So the passwords there is a secret key that encrypts and decrypts like chunk of data and it's a different kind of password used for a different purpose. And so, yes having all your passwords in one place does make them more vulnerable to an attack, but compared to the risk that you have by using poor password across all your internet sites, the risk is much lower than what you're subjecting yourself to otherwise.
@NoEgg4u Жыл бұрын
If you use KeePass (or one of its forks), your vault (a single file) is saved on your PC (and for 99.99999% of us, it will be a small file -- only a few MB in size). To avoid a catastrophe, make a copy of your vault (copy that file) to a different storage device, such as a USB drive, and keep that USB drive unplugged after you make the copy. This way, if you are hit with ransomware, or similar, you will still have your vault available to you from your USB drive, and that drive was kept safe because it was disconnected from your compromised PC. Also consider keeping another copy of your vault at a friend or family member's residence. This will protect you in the event of a burglary (where both your PC and USB drive get stolen) and in the event of a fire. As long as you use a strong, unbreakable master password, you can store your vault file with anyone -- including cloud storage. But remember that if someone steals your PC, they might be able to use it to gain access to your cloud storage account and delete your files. So make sure you have a copy of your vault file kept somewhere that it will always be available to you.
@TonyRule Жыл бұрын
Get a decent backup system instead of this time wasting USB swapping and fannying about.
@deeyadeli1435 Ай бұрын
You can send me the file as well just in case. Lol, jk.
@Algolxxxxxx Жыл бұрын
After trying 1Password, Bitwarden, LastPass and KeePassXC - I decided on KeePassXC. It's open source, self- contained and can happily sit on your system without requiring a Internet connection. It has a ton of other features too.
@stuartwaldrip9280 Жыл бұрын
I like Mr. Snowden's passphrase idea. I like to use the craziest anagrams I can find for the phrase I've chosen.
@ScrewballMcAdams Жыл бұрын
I dig the dance 😊. Thanks for the info.
@Insightfill Жыл бұрын
While I like the content, I'm especially glad I stayed to the end!
@NaomiBrockwellTV Жыл бұрын
🤣🤣🤣
@YannMetalhead 9 ай бұрын
Great video.
@Ninja_Gaijin Жыл бұрын
I use vanilla Keepass since I only use on Windows, haven't tried KeepassXC but I hear it's almost as good (with added functionality of being cross-platform/OS). I used to use Lastpass a long time ago but I'm REALLY glad I stopped.. Offline / Keepass just seems so much smarter. It's a little annoying not having it online but I'd rather offline only and less risks.
@dejavu5121 Жыл бұрын
KeePass vanilla is the most secure way to store your passwords and it has lots of useful plugins. And yes, you CAN make it online with synchronization. Furthermore, you can also protect your database stored in the cloud with additional secret key + strong master password. But secret key must be located only locally, in the cloud should be only database. And even if your cloud would be compromised and hacker even will know somehow your master password, without a secret key they have no chance. It’s the most secured way to use and store passwords. I’m an IT technician, trust me ;) All these Online password keepers like Dashlane and others only a matter of time when they will be compromised.
@Richardj410 4 ай бұрын
Thanks for the dance, actually good food for thought.
@Mercurio-Morat-Goes-Bughunting 3 ай бұрын
The bits of entropy calculation can vary depending on the size of your wordpool. Words drawn from specialist fields will be stronger than words drawn from Ogden's 800.
@JohnSebeny Жыл бұрын
+1 for Bitwarden
@draoi99 Жыл бұрын
I use passwords made from words in Irish Gaelic. So far so good.
@ccarrasco5849 Жыл бұрын
What do you do with your browser password manager and your password log within your system software if you have decided to use a online manager?
@NaomiBrockwellTV Жыл бұрын
you can change your passwords as you add them to the password manager, and then eventually forget about existing managers. Those passwords will no longer work.
@kritnicol8546 7 ай бұрын
now that proton added a password manager they have a good all rounder package. It's new so it's not as refined but with time it will surely become one of the best options
@wholeNwon Жыл бұрын
Glad I subscribed.
@juliar8806 Жыл бұрын
You dont know how much i have waited for a video like this!😄 Ive used KeepassDx on my phone and one day i saw the file with all my passwords missing.. I suppose i might have deleted it by accident but i really doubt that.. Luckly, before knowing anything about privacy i stored some of my passwords on SamsungPass and they are still there, some of them.. Every since that incident im inclined toward using a cloud based PM but i feel like an offline PM would be a better over all privacy choise.
@MaxBob24 Жыл бұрын
Thanks Naomi for all your great content. Can you please further explain the advice on not using the auto fill? Aren’t all password managers actually for that to faciliitate auto fill password?
@NaomiBrockwellTV Жыл бұрын
There are different kinds of autofill. Many password managers will auto configure to automatically fill in form fields as soon as you go to a page. Instead I recommend the option where you have to click on the form field first and select what you want to fill, there's less chance of something malicious happening. It's still "autofill" but requires an action from you first.
@MaxBob24 Жыл бұрын
@@NaomiBrockwellTV Got it. thank you so very much, Naomi!!
@sicarioga676 Жыл бұрын
Thank you 😊😊
@bm2085 Жыл бұрын
Thank you for the video! Finally a topic where I'm already using one of the best solutions :) Do you plan to create a video about online file storage services? Like Google drive, Dropbox and similar. I'm curious how good/bad is the one I'm using currently. (Pcloud, Proton drive)
@NaomiBrockwellTV Жыл бұрын
Yep that’s the plan!
@bm2085 Жыл бұрын
@@NaomiBrockwellTV looking forward to it, and thank you!
@nullx8 Жыл бұрын
very informative, and the strawberries keep the focus ;) i personally use 1Password due to its reputation and the Family/team features which allows extremly complex passwords to be shared between all sorts of people on different levels of tech usage, which makes them stand out dramatically.
@thomasmuller3.89-0W Жыл бұрын
Thank you so much! Which password manager do you use (if I’m allowed to ask😳) I wanted to use Keepass, but just yesterday I heard that it got hacked/there is a exploit to see the master password.
@shawnbenn Жыл бұрын
Gr8 video I love the way you explain complicated subjects. Doe's keylogers can "see"/"copy" if I copy-paste my password? BTW I never store the whole password in the password manager, I have a 3-5 letters and numbers combination (It is the same for all my passwords) that I added to the password after the password manager fills the password. So even if there is a breach in my pass word manager data base the hackers will have only part of the password.
@kim-hendrikmerk4163 Жыл бұрын
This is not a particularly secure way to create passwords because if an attacker is able to correlate 2 breaches and see the same base password it is trivial to brute force all of your other ones. Create one really strong password and let the password manager randomise the rest.
@shawnbenn Жыл бұрын
@@kim-hendrikmerk4163 I guess I didn't explain my self correctly. I generate with my password manager 20 characters password. But the password that I set on any site is with 3-5 more characters that I don't store in my password manager (I remember them). So if my password manager data is breached they don't have the whole password.
@chrisplusplus6232 Жыл бұрын
informative content, thumbs up
@ronm6585 Жыл бұрын
Thank you.
@Bluelagoonstudios 10 ай бұрын
I use a Corsair Padlock stick with a database with all my passwords, it's very convenient, if I have to work on somebody's computer and connect straight to my server, to get software If needed. Only downside is that I have to use a USB extension cable, to handle the stick, if it's in a computer, it isn't handy.
@WickedMuis Жыл бұрын
The dance was a funny bonus xD
@NaomiBrockwellTV Жыл бұрын
😹
Bungee Jumping Park
Рет қаралды 17 МЛН
Ask Your Computer Guy
Рет қаралды 1,3 МЛН
Immersed
Рет қаралды 34 МЛН