keepass 2 password generator

Sounds like a lot of hassle to me. The attacker could extract the archive to get the database.
ok i'll just see how it goes has it is. i've done 4 passwords so far

i don't download any doggy things anyway.

could i keep the flash drive pluged in but disabled it in device manager after finishing with keepass? or still best to unplug it?
 
well my NAS automaticly makes a second copy of everything.

is it more secure if i use the hidden option and/or put the database in a rar file which has a large file in it that way "if" anyone trys to get it from my pc they would have to download a big file (upload from my pc) and i would easyly know by if the speed drops

If you're referring to the NAS' RAID capability, this isn't a backup - make sure you do backups as well.
 
I would remove it. What's on the flash drive, the key file?
yes. the reason i asked is because if i'm alone or something and need to login to something, i wouldn't able too, has i can't plug in the flash drive myself.

If you're referring to the NAS' RAID capability, this isn't a backup - make sure you do backups as well.
RAID 1 mirrors the data so if one HDD dies/fails the data is still safe/accessible on the other hdd.

also i normally do a safepoint which it backups everything to a external hdd
 
yes. the reason i asked is because if i'm alone or something and need to login to something, i wouldn't able too, has i can't plug in the flash drive myself.

Disabling the device would be best in this case, if you're willing to enable/disable every time to want to access the database. You could use a Truecrypt container instead of a flash drive.
 
I personally wouldn't use Lastpass.. Not because it's bad, but because your passwords are not stored on your PC, and are therefore NOT under YOUR control.

You are dependant on the Lastpass server not being compromised (from any source)... and in this day/age when it's well known that the NSA are busy decrypting ANYTHING they can access, the VERY LAST place I would put my passwords is online.

Now admittedly I might be biased because I am a Keepass user. However in this day/age the very last place I would put anything sensitive is online, on a server outside of my control.

YMMV
 
Disabling the device would be best in this case, if you're willing to enable/disable every time to want to access the database. You could use a Truecrypt container instead of a flash drive.
ok, thanks
I personally wouldn't use Lastpass.. Not because it's bad, but because your passwords are not stored on your PC, and are therefore NOT under YOUR control.

You are dependant on the Lastpass server not being compromised (from any source)... and in this day/age when it's well known that the NSA are busy decrypting ANYTHING they can access, the VERY LAST place I would put my passwords is online.

Now admittedly I might be biased because I am a Keepass user. However in this day/age the very last place I would put anything sensitive is online, on a server outside of my control.

YMMV
i agree. that why i don't like the idea of lastpass
 
Keepass v Lastpass

Two different solutions but all I'd say is consider this:

1. If you know what you're doing and patch and secure your local server, NAS and PCs then fair enough - Keepass is right for you.

2. If you aren't sure, or want more options for using the password management - Lastpass is right for you.

I've used both, currently back with Lastpass due to the Android app but the next person I meet using Keepass and storing it in Dropbox gets a slap :p
 
RAID 1 mirrors the data so if one HDD dies/fails the data is still safe/accessible on the other hdd.

also i normally do a safepoint which it backups everything to a external hdd

RAID 1 isn't a backup, far too often I've seen one drive go and the other get corrupt garbage dumped on it. Please for the love of god do your external backup regularly :D
 
RAID 1 isn't a backup, far too often I've seen one drive go and the other get corrupt garbage dumped on it. Please for the love of god do your external backup regularly :D
if thats the case why don't i just run raid 0 has theres still a risk?

u have to remember it's much more difficult for me to do things like this (pluging / unpluging usb's) has i have to relay on someone to do that for me.
 
I have used Lastpass premium for about three years now, absolutely brilliant. I use a (USB) Yubikey from Ybicon to athenticate my logins pretty secure for sure.
 
Last edited:
Used to use Lastpass but moved everything to Keepass. Just preferred the fact I manage where my data is. The Ctrl + Alt + A feature saves me typing passwords not only for websites but for normal Windows programs. UAC is enabled heavily on my work environment so I get prompted for my credentials all the time. Keepass saves me 5 seconds of my life everytime that damn dialog pops up.
 
Back
Top Bottom