- Use password manager tools if possible.
I think this is the best advice which summarizes all of them
I can not disagree because if people manually create passwords, they will fall into similar patterns with small changes in characters and numbers. If one password is leaked, other passwords generated manually by that person will more easily be bruteforced.
Password manager will automatically create one unique strong password for you in each website, and automatically fill up. I can't live without one anymore.
I just switched to proton pass, I think it is very good and privacy focused password manager
Thank you for the information about Proton Pass. I added it to the list of Password managers in OP.
https://proton.me/pass
Using paid password manager: It is true that it has features such as encryption and others, but you still depend on a third party, and once it is hacked, all your money and accounts can be accessed, use opensource self-hosted one.
I agree. Cryptocurrency enthusiasts prioritize open source stuff so here you go. If you know other open source ones, please help me to make the list bigger.
Password Managers
| Name | Open-source | Windows | MacOS | Linux | iOS | Android | Cloud |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Proton Pass (https://proton.me/pass/download) | Yes | Yes (https://proton.me/pass/download) | No | No | Yes (https://apps.apple.com/us/app/proton-pass-password-manager/id6443490629) | Yes (https://play.google.com/store/apps/details?id=proton.android.pass) | Yes |
| KeePass (https://keepass.info/download.html) | Yes | Yes (https://keepass.info/download.html) | No | No | No | Yes (https://play.google.com/store/apps/details?hl=en&id=com.android.keepass) | No |
| Password Safe (https://pwsafe.org/) | Yes | Yes (https://github.com/pwsafe/pwsafe/releases/download/3.64.1/pwsafe-3.64.1.exe) | No | Yes (https://github.com/pwsafe/pwsafe/releases?q=non-windows&expanded=true) | Yes (https://apps.apple.com/us/app/pwsafe-2-password-safe/id938922963?ign-mpt=uo%3D4) | Yes (https://play.google.com/store/apps/details?id=com.jefftharris.passwdsafe) | No |
| KeepassXC (https://keepassxc.org/download/#windows) | Yes | Yes | Yes | Yes | No | No | No |
Sites like ---> Haveibeenpwned.com: Although they are good, they may record your data, so it is better to try to reduce sending emails, use the email aliases feature[1], and check the link before clicking on it.
Similar to using blockchain explorers to check transactions or privacy score. Use them with Tor and be cautious with risk as well.
Remembering the password: Whatever the method, remembering the password is a bad option. The best thing is to generate the password with seeds and save it on a piece of paper if you do not want to save the password digitally.
I agree. That is the article title, I kept it unchanged but I did not recommend it.
How about KeePassXC? It has more features than KeePass[1] with native Linux/Mac OS support.
+1.
[1] https://superuser.com/a/879013
Well done OP. Very informative and useful post. I am sure newbies will find it very helpful. There are some links that even I didn't know. First time I learned about https://haveibeenpwned.com/
In cryptocurrency, you will have to use many things such as cryptocurrency wallets (should be open source, non custodial) and exchange accounts.
Make sure you do as follows
- Use strong passwords for your wallets, accounts.
- Passwords must be unique. That means never reuse your passwords from one account to another, from one platform to another.
- Passwords should be generated randomly and not follow any favorite pattern of your own.
- Use password manager tools if possible.
Some resources to learn about it.
- Are your passwords in the green? (https://www.hivesystems.io/blog/are-your-passwords-in-the-green)
- Haveibeenpwned.com (https://haveibeenpwned.com/). Check data breaches, whether your email address is in any data breach.
- How to create a strong password? Idea (https://www.avast.com/c-strong-password-ideas)
- How to create a strong password (and remember it) (https://www.howtogeek.com/195430/how-to-create-a-strong-password-and-remember-it/)
- Create a secure password (https://www.wikihow.com/Create-a-Secure-Password)
Password generators and management tools
- KeePass (https://keepass.info/)
- KeePass for Android (https://play.google.com/store/apps/details?hl=en&id=com.android.keepass)
- Password Safe (https://pwsafe.org/)
- Proton Pass (https://proton.me/pass)
- They can have password data breaches too, so be careful.
- Notice of recent security incident (LastPass) (https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/)
Creating strong passwords is good but not enough. Never store your passwords in online accounts (Dropbox, Google Drive, Azure, Telegram, Facebook, ...). You will get a nightmare some day if you do so.
Storing a password is similar to storing a seed. You should never use third parties to save it. It should be saved on paper in a safe place and not stored on a computer or the Internet.
I have heard about this so many times even in the bitcointalk but I have decided to trust my memory for my passwords. I think I am overusing my memory for something that isn't worth stressing it. It is time I started using a password manager and I can use the one bitmover recommends. Managing passwords manually is something hectic to do and I have taken the risk for a very long time.
- Use password manager tools if possible.
I think this is the best advice which summarizes all of them
I just switched to proton pass, I think it is very good and privacy focused password manager
https://proton.me/pass
Password manager will automatically create one unique strong password for you in each website, and automatically fill up. I can't live without one anymore.
Very well, this is a good strategy to overcome the problem of password manager hacking, but you must have a good memory otherwise you will get into big trouble.
Storing a password is similar to storing a seed. You should never use third parties to save it. It should be saved on paper in a safe place and not stored on a computer or the Internet.
I'm using a password manager, but I have a trick of my own for every saved password: before I hit save in the password manager, I make sure I have inserted two characters at the beginning and also two characters at the end of the password. Those 4 characters I remember by heart, so even if there is a breach those passwords are useless, as they need those 2 characters at the beginning and the end of the password. I'm fully aware of those breaches in password managers, so this is my own innovation to keep all the passwords safe.
I have heard about this so many times even in the bitcointalk but I have decided to trust my memory for my passwords.
The problem with this approach is that all your passwords will be similar.
I'm using a password manager, but I have a trick of my own for every saved password: before I hit save in the password manager, I make sure I have inserted two characters at the beginning and also two characters at the end of the password. Those 4 characters I remember by heart, so even if there is a breach those passwords are useless, as they need those 2 characters at the beginning and the end of the password. I'm fully aware of those breaches in password managers, so this is my own innovation to keep all the passwords safe.
Although this is a good strategy, with the development of hackers' skills and their use of artificial intelligence, it has become very difficult to trust a third party. It is better to follow the old methods of saving important passwords, I mean writing the password on a piece of paper, and it is also better to hide part of it so that it does not fall into the hands of the unreliable.
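The arithmetic behind the prefix/suffix trick discussed above, as an added example that is not part of any post in this thread. The site names, the affix characters and the 20-character vault entries are constructed for illustration.

```python
import math
import secrets
import string

ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols

def generate(length=20):
    """Random password from a CSPRNG, the way a password manager creates one."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Bits of guessing work for a uniformly random string of this length."""
    return length * math.log2(alphabet_size)

def real_password(stored, prefix, suffix):
    """The trick: the site gets prefix + vault entry + suffix."""
    return prefix + stored + suffix

def affix_from_leak(stored, leaked_real):
    """Affix revealed when a vault entry and that site's real password are both known."""
    start = leaked_real.find(stored)
    if start < 0:
        return None
    return leaked_real[:start], leaked_real[start + len(stored):]

def demo():
    prefix, suffix = "Qz", "7!"  # constructed memorized characters
    vault = {site: generate() for site in ("exchange.example", "forum.example")}
    # Vault breach alone: only the 4 memorized characters remain secret.
    print(f"vault entry: {entropy_bits(20):.1f} bits, affix: {entropy_bits(4):.1f} bits")
    # Vault breach plus one site's own leak: the shared affix is recovered ...
    leaked = real_password(vault["forum.example"], prefix, suffix)
    found = affix_from_leak(vault["forum.example"], leaked)
    # ... and it is the same affix on every other entry.
    other = real_password(vault["exchange.example"], *found)
    return found, other == real_password(vault["exchange.example"], prefix, suffix)

if __name__ == "__main__":
    print(demo())
```

Four memorized characters add about 26 bits on top of a breached vault entry, and because the same four are reused everywhere, a single site leak exposes them for every account; enabling 2FA on each account does not share that weakness.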
- Use password manager tools if possible.
I think this is the best advice which summarizes all of them
I just switched to proton pass, I think it is very good and privacy focused password manager
https://proton.me/pass
Password manager will automatically create one unique strong password for you in each website, and automatically fill up. I can't live without one anymore.
Can this change an existing password?
I'm the type of person who is very forgetful, sometimes I don't open a site/wallet/exchange for too long, where I have to enter my password, I have to research it first to be able to log in again.
So almost all the websites/platforms/emails that I have have the same pwsd.
It seems like a random issue to use a password, and that is perhaps the main problem, yet despite knowing the fragility of certain passwords and not adding 2FA, it is a recurring situation.
Some may know the infographic shown below:
<image snip>
I have that article from Hive in OP but did not make a screenshot. In fact, there are different tables for estimated time of wallet password bruteforce, not only one.