|
LifeLynx posted:My girlfriend keeps losing her phone. Perhaps consider a Tile or similar Bluetooth Low Energy tracker that can also cause the phone to sound a tone. But, in deference to the suggestions of others, here's a deal for four Tiles and a Google Home Mini. EDIT: I just thought I'd add that I've installed a File Explorer without making the customary post of "what's the best File Explorer". Thought regular posters may find this refreshing. Rooted Vegetable fucked around with this message at 17:06 on Oct 4, 2018 |
# ? Oct 4, 2018 17:04 |
|
|
# ? Apr 18, 2024 01:20 |
|
CLAM DOWN posted:Yes, I use KeePass. You're thinking of LastPass
|
# ? Oct 4, 2018 17:16 |
|
CLAM DOWN posted:Yup, encrypted database is safe and happy on Google drives, and it integrates into Oreo's autofill API too (the app is Keepass2Droid) Does the notification constantly need to be there?
|
# ? Oct 4, 2018 17:22 |
|
Lastpass isnt any less secure than any of the others, they're just a lot more transparent about disclosing attacks.
|
# ? Oct 4, 2018 17:36 |
|
saintonan posted:Lastpass isnt any less secure than any of the others, they're just a lot more transparent about disclosing attacks. Now you've done it.
|
# ? Oct 4, 2018 17:50 |
|
Thanks for the replies, also those chiming in with their own questions, this is probably a chasm many people know they should jump but have postponed. Think I will try some self synced Keep-rear end to begin with. Also trying to come up with a nice password scheme. I'm thinking some "battery horse staple" stuff + entropy spice for Gmail, which doesn't go in the key manager, similar thing for the keystore itself, then everything else in there. Maybe some exceptions. Please share if you have masterminded some awesome scheme. Actually I think I should get a new email account as well, and use the secondary one for webshops, apps etc that don't matter. It sucks that my very single-point-of-ownage is also my plaintext stored username on any lovely thing I sign up for and also the mobile managed cloud account I'm planning to put all my passwords in. Ideas here are also welcome. Maybe a credit card alias wouldn't hurt either. A bit beyond this thread though, is there a big "let's get secure" megathread somewhere?
|
# ? Oct 4, 2018 17:52 |
|
Ola posted:Thanks for the replies, also those chiming in with their own questions, this is probably a chasm many people know they should jump but have postponed. Think I will try some self synced Keep-rear end to begin with. Diceware.
|
# ? Oct 4, 2018 17:56 |
|
One thing to think about as you're locking your stuff down is how you'll get into it in an emergency. Like, if your point of entry requires two factor authentication through your phone, what do you do if you lose your phone?
|
# ? Oct 4, 2018 17:56 |
|
saintonan posted:Lastpass isnt any less secure than any of the others, they're just a lot more transparent about disclosing attacks. Yes, it's significantly less secure than something like KeePass, which is individually and privately hosted (or not hosted at all, for the particularly paranoid). Lastpass is a centrally hosted cloud service, which means not only is it a target, but if the attacker gets through the security they get potentially millions of passwords. Those passwords are still encrypted and will likely remain so, but it's a much different situation.
|
# ? Oct 4, 2018 18:02 |
|
Uthor posted:One thing to think about as you're locking your stuff down is how you'll get into it in an emergency. Like, if your point of entry requires two factor authentication through your phone, what do you do if you lose your phone? I keep the backup codes in the notes sections in the relevant Keepass entries, and I keep a copy of the archive, it's keyfile, and Keepass portable on an old flashstick I keep on my keyring at all times, as well as a standard backup portable drive. Whenever I make a change to the archive (not that often), I manually update the offline copies. The downside is this mean I won't be able to, say, replace the key file with a Yubikey 2fa, since the archive on the stick would fall out of sync with the Yubikey pretty darn quick and be rendered useless. Tradeoffs. And yes, I keep a hardcopy of the backup codes and QR codes in a firesafe that trusted individuals have access to, in case my phone breaks while I'm on the other end of the country or something and need to buy a burner replacement (yes, this has happened to someone else in the family).
|
# ? Oct 4, 2018 18:03 |
|
Keepass doesn't just store your passwords, it'll generate secure passwords too; on the desktop it can work with those silly 'enter the third, fourth and eighth characters of your password' prompts automatically. It's an incredibly flexible piece of software. Keep the 'master password' in your fridge or something and you're just about set, unless you're on the run from three-letter agencies or something.
|
# ? Oct 4, 2018 18:10 |
|
spincube posted:'enter the third, fourth and eighth characters of your password' prompts
|
# ? Oct 4, 2018 18:28 |
|
Taffer posted:Yes, it's significantly less secure than something like KeePass, which is individually and privately hosted (or not hosted at all, for the particularly paranoid). Lastpass is a centrally hosted cloud service, which means not only is it a target, but if the attacker gets through the security they get potentially millions of passwords. Those passwords are still encrypted and will likely remain so, but it's a much different situation. It's a distinction without a difference. If the passwords are still encrypted and remain that way, then the passwords are still secure. I stand by my statement that Lastpass isn't any less secure than the other popular alternatives.
|
# ? Oct 4, 2018 18:47 |
|
butt dickus posted:What? If a service knows that information they're not storing your password correctly. Oh I know, it's from the same How To Security For Morons handbook as disabling paste, and forcing a password change every five seconds. It's just a second password to remember after your main username/password.
|
# ? Oct 4, 2018 18:55 |
|
spincube posted:Keep the 'master password' in your fridge or something and you're just about set, for a few :tenbux: you can get a small safe that is fireproof and waterproof, and has a warranty. i got one to store documents that are a pain to get copies of, like my birth certificate one pitfall with fireproof boxes that's relevant to this thread, is that some of them are only rated to keep paper media safe. so if you plan on putting, say, a flash drive or CD-R in there, make sure the box specifically advertises protection for the thing you're putting in it
|
# ? Oct 4, 2018 18:56 |
|
Android Apps: Screw It, Buy an Alarm Clock and a Safe
|
# ? Oct 4, 2018 19:13 |
|
lol if you don't just keep your phone in a black box case
|
# ? Oct 4, 2018 19:15 |
|
spincube posted:those silly 'enter the third, fourth and eighth characters of your password' prompts
|
# ? Oct 4, 2018 19:32 |
|
Endless Mike posted:wtf is this poo poo I have literally never seen this I have seen it. On an online banking site. I hope it goes without saying, but I'm no longer a customer at that bank.
|
# ? Oct 4, 2018 20:02 |
|
It literally means they are storing your password as-is, so yes running away screaming is a good reaction
|
# ? Oct 4, 2018 21:59 |
|
If you forget your password and they email it to you, same thing. I love it when it's an important site (like for a doctor or bank) and they tell you the password cannot contain special characters and has to be under eight characters long. My Nintendo Switch password is like 14 random characters, and I only stopped there because I gotta type it in!
|
# ? Oct 4, 2018 22:25 |
|
CLAM DOWN posted:It literally means they are storing your password as-is, so yes running away screaming is a good reaction Too bad literally all the American banks have that level of online security. Even local credit unions outsource their online services to big and dumb national services.
|
# ? Oct 4, 2018 22:30 |
|
CLAM DOWN posted:It literally means they are storing your password as-is, so yes running away screaming is a good reaction More seriously, worth pointing out that banks normally use this in addition to an actual password which means it isn't inherently insecure even if you can argue that it doesn't add much.
|
# ? Oct 4, 2018 23:34 |
|
Or they have separate hashes/salts/whatever the right terminologies are for each combination of 3 characters.
|
# ? Oct 5, 2018 17:58 |
|
What's the purpose of entering certain characters of your password vs just entering your password? Someone either knows your password or they don't. If it's about saved passwords, that's an end-user problem.
|
# ? Oct 5, 2018 18:11 |
|
Vykk.Draygo posted:What's the purpose of entering certain characters of your password vs just entering your password? Someone either knows your password or they don't. If it's about saved passwords, that's an end-user problem. You also need to understand that "it's the end user's problem" simply doesn't fly in a bank. It is the bank's problem because at worst they are legally responsible and at best they still often end up taking the financial hit when fraud does occur simply in the interest of looking after the customer.
|
# ? Oct 5, 2018 19:52 |
|
Tunga posted:I mean, this is not necessarily true, it could be encrypted as separate characters. Which is totally secure! *ticks box on audit*
|
# ? Oct 5, 2018 20:08 |
|
Mikl posted:I have seen it. On an online banking site. my credit union doesn't even have case-sensitive passwords
|
# ? Oct 5, 2018 20:38 |
|
butt dickus posted:Encrypting/hashing single characters is worse than worthless because generating the rainbow table is trivial, even if the characters are salted. Now you've given away part of the real password, making it easier to crack.
|
# ? Oct 5, 2018 21:33 |
|
Oh, good, Google Translate updated. It continues to show a "chat head" style pop up when I copy some text, but now there is a persistent notification telling me that the option is turned on. Best I can do is minimize the notification so I don't see an icon. Or turn off the really useful option.
|
# ? Oct 5, 2018 23:54 |
|
Tunga posted:Yes it was a joke. The part after "more seriously"? I must be off by an irony level.
|
# ? Oct 6, 2018 00:52 |
|
Uthor posted:Oh, good, Google Translate updated. It continues to show a "chat head" style pop up when I copy some text, but now there is a persistent notification telling me that the option is turned on. Best I can do is minimize the notification so I don't see an icon. Or turn off the really useful option. I think I need to translate something like once of a month, so it's not really that big of an inconvenience for me to manually open the Translate app and get the translation going. Eh.
|
# ? Oct 6, 2018 04:59 |
|
butt dickus posted:The part after "more seriously"? I must be off by an irony level.
|
# ? Oct 6, 2018 08:13 |
|
Hi, yes, Google Translate helped me navigate a Tinder date while in a different country and it ended very well so I'm forever a fan of it. Thank you, this is my story.
|
# ? Oct 6, 2018 09:08 |
|
Are there any apps for Android that will let me shuffle Apple Music songs by album? There are a number of apps in the store, but I don't know if any of them will allow me to play DRM'd streaming songs through the AM player.
|
# ? Oct 6, 2018 17:37 |
|
XIII posted:Hi, yes, Google Translate helped me navigate a Tinder date while in a different country and it ended very well so I'm forever a fan of it. Thank you, this is my story. The eggplant/peach emoji combo isn't universal?
|
# ? Oct 6, 2018 18:05 |
|
XIII posted:Hi, yes, Google Translate helped me navigate a Tinder date while in a different country and it ended very well so I'm forever a fan of it. Thank you, this is my story. That's a long way to travel for just one date.
|
# ? Oct 7, 2018 19:34 |
|
ThermoPhysical posted:That's a long way to travel for just one date. When you set ur radius to 1000mi
|
# ? Oct 7, 2018 20:06 |
|
Desperate times call for desperate measures
|
# ? Oct 7, 2018 21:05 |
|
|
# ? Apr 18, 2024 01:20 |
|
Is there an app or existing system setting to track what's triggering kernel panics or reboots? On 8.1 stock and an Android One phone.
|
# ? Oct 8, 2018 05:02 |