TOKU - Treasury of Knowledge for Users

A variety of information you might find useful

User Tools

Site Tools

Trace:
security_presentation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
security_presentation [2025.02.25 15:22] – [How to create hard-to-guess passwords] Steve Isenbergsecurity_presentation [2026.03.17 15:16] (current) – [More About KeePass] Steve Isenberg
Line 58: Line 58:
 |15|6 hrs|1k years|43m years|600m years|15 bn years| |15|6 hrs|1k years|43m years|600m years|15 bn years|
  
 +[[https://www.passwordmonster.com/|See also this site]] to see how long it would take to crack your password!
 //Of course technology will improve over time and shorten these brute force crack times.// //Of course technology will improve over time and shorten these brute force crack times.//
  
Line 93: Line 94:
 //All of these offer login and text note storage in a secure vault protected by your master password, and can generate (and store) strong passwords.// //All of these offer login and text note storage in a secure vault protected by your master password, and can generate (and store) strong passwords.//
  
-//Following data updated 10/9/2022.  There are MANY other options, these are a few.  You should study all of the features and drawbacks of any option you consider or select.//+//Following data updated 2/25/2025.  There are MANY other options, these are a few.  You should study all of the features and drawbacks of any option you consider or select as information may change.// 
 + 
 +====Password Managers Summary====
 ^Manager^Free version.  ^Paid version.  ^Cost.  ^platforms^ ^Manager^Free version.  ^Paid version.  ^Cost.  ^platforms^
 +|* [[https://bitwarden.com/products/personal/|Bitwarden.com]]|Unlimited pw, passkeys, devices, share with 2 people, self-hosting possible, 2FA | Emergency access | Personal version FREE; Other options available for more $$ |Windows, Mac, Linux, iOS, Android, Browsers|
 |[[https://www.lastpass.com/|www.lastpass.com]] |Access on one device type (computer or mobile) |1GB encrypted cloud storage\\ Multifactor Authentication (MFA)\\ Contingency plan (loved one access in emergency) |Free for one device type; $36/yr 1 user, $48/yr 6 users (group and share items, family manager)|Browser based. Win, Mac, Linux, Mobile| |[[https://www.lastpass.com/|www.lastpass.com]] |Access on one device type (computer or mobile) |1GB encrypted cloud storage\\ Multifactor Authentication (MFA)\\ Contingency plan (loved one access in emergency) |Free for one device type; $36/yr 1 user, $48/yr 6 users (group and share items, family manager)|Browser based. Win, Mac, Linux, Mobile|
 |[[https://www.dashlane.com/|www.dashlane.com]]|One device, secure sharing|unlimited devices, 1GB max, VPN| Free (1 device, 25 passwords); $48/yr (many devices, passwords, and passkeys)|Browser based.  Win, Mac, iOS, Android| |[[https://www.dashlane.com/|www.dashlane.com]]|One device, secure sharing|unlimited devices, 1GB max, VPN| Free (1 device, 25 passwords); $48/yr (many devices, passwords, and passkeys)|Browser based.  Win, Mac, iOS, Android|
 |[[https://keepersecurity.com|keepersecurity.com]]|no free option|(Personal) no limits on storage, devices, sharing; (family) 5 vaults, 10GB secure storage|Personal $35/yr, Family $75/yr|App: Mac, Windows, Linux, iOS, Android; Browser extension| |[[https://keepersecurity.com|keepersecurity.com]]|no free option|(Personal) no limits on storage, devices, sharing; (family) 5 vaults, 10GB secure storage|Personal $35/yr, Family $75/yr|App: Mac, Windows, Linux, iOS, Android; Browser extension|
 |[[https://www.roboform.com|www.roboform.com]]|one device |sync across devices, cloud backup, web access. Family plan is 5 users.|website lists prices in Pounds.\\ Personal: $16.68/1yr, $45.14/3yr, $69.60/5yr\\ Family: $33.40/1yr, $90.20/3yr, $139.30/5yr|Windows, Mac, iOS, Android, Linux, Chromebook, Browsers| |[[https://www.roboform.com|www.roboform.com]]|one device |sync across devices, cloud backup, web access. Family plan is 5 users.|website lists prices in Pounds.\\ Personal: $16.68/1yr, $45.14/3yr, $69.60/5yr\\ Family: $33.40/1yr, $90.20/3yr, $139.30/5yr|Windows, Mac, iOS, Android, Linux, Chromebook, Browsers|
-|[[https://bitwarden.com/|bitwarden.com]]|Unlimited pw, passkeys, devices | 2FA, emergency access, share w/1-6 people | $10/yr one user, $40/yr up to 6 users |Windows, Mac, Linux, iOS, Android, Browsers| 
 |[[https://1password.com/]]|no free version, only paid, 2wk free trial|unlimited pw & devices, 1GB storage, 2FA.|Individual: $36/yr, Families (5 family members): $60/yr|Mac, Win, Linux, iOS, Android, Browsers| |[[https://1password.com/]]|no free version, only paid, 2wk free trial|unlimited pw & devices, 1GB storage, 2FA.|Individual: $36/yr, Families (5 family members): $60/yr|Mac, Win, Linux, iOS, Android, Browsers|
 |[[https://nordpass.com/]]|unlimited pw, notes also, credit cards|emergency access, multiple device access |Premium $20/yr, Family (6 accts) $44/yr|Win, Mac, Linux, Android, iOS, Browsers| |[[https://nordpass.com/]]|unlimited pw, notes also, credit cards|emergency access, multiple device access |Premium $20/yr, Family (6 accts) $44/yr|Win, Mac, Linux, Android, iOS, Browsers|
- 
 |[[https://keepass.info/]]\\ [[https://keepassxc.org/download/|KeePassXC]]|* Can run from USB\\ * Many customizable options\\ * A little intimidating? You judge.|FOSS((FOSS=Free, Open-Source Software)) - there is no paid version -- all features in free version\\ Many ports, with different features and UI|Note, no cost. Does not provide place to store the Password Safe, that's up to you|Windows, Android, iPhone/iPad, Mac, Chromebook, Blackberry, Linux, and more| |[[https://keepass.info/]]\\ [[https://keepassxc.org/download/|KeePassXC]]|* Can run from USB\\ * Many customizable options\\ * A little intimidating? You judge.|FOSS((FOSS=Free, Open-Source Software)) - there is no paid version -- all features in free version\\ Many ports, with different features and UI|Note, no cost. Does not provide place to store the Password Safe, that's up to you|Windows, Android, iPhone/iPad, Mac, Chromebook, Blackberry, Linux, and more|
 KeePassXC is a KeePass port, see Tech Radar's review: [[https://www.techradar.com/reviews/keepassxc]]. It's free but accepts donations. KeePassXC is a KeePass port, see Tech Radar's review: [[https://www.techradar.com/reviews/keepassxc]]. It's free but accepts donations.
Line 113: Line 115:
   * [[https://www.techradar.com/best/password-manager]] a good site for reviews of offerings   * [[https://www.techradar.com/best/password-manager]] a good site for reviews of offerings
   * [[https://www.techradar.com/reviews/keepassxc]] TechRadar's review of KeePassXC   * [[https://www.techradar.com/reviews/keepassxc]] TechRadar's review of KeePassXC
 +
 +====My Recommendations====
 +If you're looking for a fast answer...here's my thoughts
 +  - KeePass on iCloud or Box.  (You're in full control of your passwords and who can see them and are relatively immune to data breaches.)
 +    * You need to be willing to learn to use KeePass and set up cloud storage.
 +  - BitWarden.  Free version is a good solution and it's turnkey.
 +    * Possibility of a breach, see 'Caveat' below.
 +
 +I am interested in your thoughts on these, and other, possibilities you like! 
  
 ====Caveat==== ====Caveat====
Line 128: Line 139:
     * On iPhone and iPad: KeePass Touch     * On iPhone and iPad: KeePass Touch
     * On Android:     * On Android:
-    * On Windows:+    * On Windows: KeePassXC
   * Store password file in iCloud   * Store password file in iCloud
   * Copy password file to local Document storage on each device (so it's available when there's no internet)   * Copy password file to local Document storage on each device (so it's available when there's no internet)
-  * Copy password file to Dropbox, pCloud (as backup)+  * Copy password file to Box (free cloud storageand Dropbox, for redundancy. 
  
 To note: To note:
Line 142: Line 153:
   * Available on all my devices   * Available on all my devices
   * One password to remember   * One password to remember
-  * I can use long and complex passwords+  * I can use long and complex passwords (and KeePass helps me create them and tells how secure they are)
   * Can keep a history of past passwords   * Can keep a history of past passwords
 +  * I can store other information in the vault, like those recovery passwords ”what's your father's middle name” so I can use a fake un-guessable answer
  
 Using a password manager: Using a password manager:
Line 200: Line 212:
     * Passwords typically 14+ characters (upper/lower case and numbers)     * Passwords typically 14+ characters (upper/lower case and numbers)
     * KeePass tells me how secure a given password is     * KeePass tells me how secure a given password is
 +(I'll use [[https://www.passwordmonster.com/]] to see how long each of these passwords would take to crack.
  
-Here is a possible password I might use: ''cqLbq2NHcuNmgU'' -- 14 characters, upper and lower case letters, and at least one number.  This one has entropy 82.06 which is deemed ”good” +Here is a possible password I might use: ''cqLbq2NHcuNmgU'' -- 14 characters, upper and lower case letters, and at least one number.  This one has entropy 82.06 which is deemed ”good”(800 Trillion Years)
  
-Another: ''M6dehfJRn7dz7lM82K'' 18 characters with entropy 101.60 and is deemed ”excellent” by KeePass.+Another: ''M6dehfJRn7dz7lM82K'' 18 characters with entropy 101.60 and is deemed ”excellent” by KeePass. (630 billion trillion years)
 By comparison By comparison
-|password|entropy 1.00| +|password|entropy 1.00|(0 seconds)
-|Password|entrypy 2.00| +|Password|entropy 2.00|(0 seconds)
-|P@$$w0rd|entropy 3.58 (and P@$$w0 has entropy 16.80 !)|+|P@$$w0rd|entropy 3.58 (and P@$$w0 has entropy 16.80 !)|(0 seconds and 63.18 seconds)|
  
  
security_presentation.1740525750.txt.gz · Last modified: by Steve Isenberg