r/mildlyinfuriating Mar 08 '16

Overdone Fuck it, hackers win.

14.6k Upvotes

992 comments

64

u/bonerbender Mar 08 '16

Thank you Keepass.

15

u/Myrmec Mar 08 '16

I just have this nightmare of permanently being locked out of absolutely everything.

3

u/TokyoJokeyo Mar 08 '16

You can use a key file so you don't have to remember the password, just what file you used.

4

u/meepsi Mar 08 '16

It's best to use both, not just the file.

3

u/TokyoJokeyo Mar 08 '16

Sure, but that doesn't protect against forgetting the password--I'd say you can surely remember one password, but if you're really worried, a local database protected with a keyfile is still a lot better than just reusing really bad passwords everywhere.

1

u/meepsi Mar 08 '16

Better because it requires someone to be on your machine or have access to the keyfile and the DB. But if someone has access to the DB, they probably have access to the keyfile too, which makes it practically useless.

In order for the keyfile only approach to work, you would need to keep it on a flash drive and never use it on an unknown machine.

The much better solution is to use a pass-phrase in combination with a keyfile. If you are worried about forgetting the pass-phrase you could always have the keyfile represent a reminder. Like a text file which has the filename of a hint (to remind you of the pass-phrase). Or have the keyfile be an MP3 of a song and the pass-phrase be a lyric of the same song.

29

u/[deleted] Mar 08 '16

[deleted]

18

u/King_Baboon Mar 08 '16

The government site has two 2nd party password generator sites as links to "help" but the passwords they generate you have to either write down or copy and paste on notepad.

29

u/[deleted] Mar 08 '16 edited Jun 08 '16

[deleted]

11

u/Endulos Mar 08 '16

Holy fuck do I love Keepass. It's so god damn handy.

1

u/MickMcSnuggles Mar 08 '16

Question. Is it safe though? Can I trust with my bank account or PayPal?

0

u/[deleted] Mar 08 '16

I highly doubt his IA section would approve of some third-party app storing his account credentials for a government website. Don't think you could sound more stupid than that honestly. At least for the DoD.

4

u/[deleted] Mar 08 '16

[deleted]

0

u/[deleted] Mar 08 '16

The fuck are you on about? I'm telling you as someone who works for the government why your suggestion doesn't apply to the person you SPECIFICALLY applied it to. There is no "in general" to this context.

1

u/[deleted] Mar 08 '16

General question: How different is Keepass from LastPass?

1

u/YM_Industries Mar 09 '16

The rules in the screenshot would mean that there's a decent chance the generator would produce something that this wouldn't accept.

2

u/[deleted] Mar 09 '16

[deleted]

1

u/YM_Industries Mar 09 '16

I would expect that it could generate duplicate letters too.

1

u/prettycode Mar 09 '16

Can it synchronize between my living room laptop, my home office desktop, my work laptop, and my mobile phone?

6

u/lumidaub Mar 08 '16

I can't install stuff on my work computer. Anything I need has to be approved and then pushed by IT.

8

u/King_Baboon Mar 08 '16

Which is why it becomes a problem when your flashviewer is outdated and you have to call IT and create a work order for them to physically respond to give permissions to make necessary updates.

2

u/blastnabbit Mar 08 '16

If you have a smartphone, there's an app. Or, at least, there are apps for 1Password and LastPass, which do the same thing.

1

u/DoctorWaluigiTime Mar 08 '16

There are unofficial apps that can read KeePass databases/files. I use KeepassDroid.

1

u/DoctorWaluigiTime Mar 08 '16

Install it on your phone, and while you'd have to generate weaker passwords (ones that aren't a pain to type), you'd get most of the advantages.

1

u/[deleted] Mar 08 '16

Talk to IT about that one, it should be pretty easy to convince just about any IT department that Keepass is a positive.

It's in our standard image

1

u/ArchersTest910 Mar 08 '16

Can you use a portable version on a flash drive? That's how I use mine remotely.

2

u/lumidaub Mar 08 '16

Nope. Absolutely nothing from the outside may be connected to the computer. They're really concerned about corporate spies.

4

u/ArchersTest910 Mar 08 '16

Gotcha. Another method I have is a synced keepass file on my phone which I can use for mobile stuff but also view the password so I can use it even in a case like that. Yeah, more steps and not super convenient but it works well enough.

2

u/lumidaub Mar 08 '16

No wifi at work, no mobile internet plan (poor, starving student). Don't worry, I can deal, but thank you very much for your suggestions :D

2

u/[deleted] Mar 08 '16

You have a mobile phone. Use it!

2

u/ScrithWire Mar 08 '16

Keep Ass? 0.o

1

u/batmanasb BLUE Mar 08 '16

Do you have to manually copy and paste passwords or do you use a browser plugin? I'm currently using LastPass and am considering switching... since I no longer trust them.

1

u/bonerbender Mar 08 '16

I use the autotype function. For the sites that don't work with it I open it and double click the password to copy it quickly before it clears itself from my clipboard.

1

u/scratchisthebest PURBLE Mar 09 '16

What if the random keepass password has 2 consecutive letters in it tho o.o

1

u/bonerbender Mar 09 '16

You can set it so a character can only appear once in a password.