Saturday, December 03, 2016

How Safe Are Password Managers?

This video is very funny and makes an important point.


Based on all the past problems Sony has faced with hackers and the fact that Sony did not do a good job of protecting passwords.  Furthermore with the general public concerned about the US government spying on citizens I thought it would be important to explain why everyone should be using an Online Password Manager for business, personal, SEO and marketing. No one has your passwords except you. We can not see or retrieve them because they are stored in a secure military 256k encrypted vault in the cloud.



There are several good products on the market:

1.  OnlinePasswordManager.com 
     - free license information and plugin for Google Chrome


2.  Some  previous problems with LastPass

The following is a good article to read and I have included some excerpts below.
http://www.techrepublic.com/blog/it-security/how-safe-are-online-password-managers/

“If the government orders you to turn over someone's passwords, is it possible?”

First up is Agilebits. I asked Jeff Goldberg, Agilebits Chief Defender Against the Dark Arts (great title) “The Question.” His response:
“We never have the opportunity to see either your data or your master password. In fact, we don’t even have the chance to see how or whether you even use our password manager. So the short answer to your question is, no, it is not possible for us to obtain your password database, nor it is possible for us to decrypt it even if we did manage to get hold of it.”
From Joe Siegrist Password Manager Expert
Next up is LastPass, a popular online password manager. Erin Styles, Vice President of Marketing answered “The Question,” and included a comment from LastPass CEO Joe Siegrist. LastPass recently sold their company and I am not sure if Joe is still involved. Either way he is still one of the top 5 experts in the world.

I was looking on their website to see who purchased Joe's company and found out that many of his customers are very unhappy that he sold LastPass.



“In Joe's words, ‘We can't give them what we don't have.’ So, to answer your question, there is nothing we could do to obtain someone's passwords. If ordered by the government, we would hand over a blob of encrypted data that they could attempt to brute force. As everyone knows, with a strong master password, brute force would be virtually impossible.”


All of the above is also true for OnlinePasswordManager.org and it costs less money to license. 
Some of the other good products claim to be free, then they charge you to use the service on a smart phone or tablet.
Our Online Password Manager works for free for one year on all devices and after the first free year we offer the lowest price and a lower cost than our competitors. Plus we ask that you join us and support our efforts to fight the "evil hackers of the world". With your help we can make the Internet a safer place.

Furthermore it is wiser to pay a little money for a supported defect free reliable software product then to trust something as important as your passwords on a free product that may go out of business any day.
Free is not always a good thing. Does it mean they bombard you with advertising?