KeePass 2 password generator

As many as you can manage. I aim for greater than 90.

Key file is useful when it comes to syncing the database. The database is the only file that needs to be synced. For increased security, you could put the key file on a removable USB drive and only insert it when you need access to the database.
I could put the database on my 4TB NAS; that way it'll be accessible to my devices but not to the internet. Is that a better idea?

I got to about 107 bits.
 
Entirely dependent on whether you need access to it elsewhere or on mobile devices, chances are a large player like LastPass will be able to secure it better than you and have more resilience than your home hosted NAS, but they're also a vastly bigger target for any attack away.

Swings and roundabouts really. I use LastPass as I enjoy the paid-for Android app (all $12 a year or whatever); it makes things a lot easier on the go.
 
Following this thread I tried KeePass, didn't really like it, felt clunky with its integration on Firefox and having to keep the file and file access on all the computers that I use.

Then played with LastPass, like it much more. It integrates much better with Firefox and works on my desktop, laptop and work PC without any faffing about. I've now subbed for a year.
Had a bit of a moment where I lost access to here when I generated a new password for these forums and then didn't click save! But looked back through the logs and found out it shows passwords recently generated so got back in tonight and saved it.

My only worry is dependence on the LastPass servers for all my passwords; if that went I'd have to go through every site and do a reset...
 
I mainly only need it for my PC and laptop. I have the internet access feature disabled on my NAS so only devices on my private network can access it.
 
My only worry is dependence on the LastPass servers for all my passwords; if that went I'd have to go through every site and do a reset...
There's a local copy of the encrypted database stored in your browser profile*, so you should be OK even if LastPass's servers were to go down, but if you want to be doubly/triply sure you could manually export a backup using "Tools > Export To" every so often.

You can also access the database files completely independently of your browser using LastPass Pocket, which works very much like KeePass although without the bells and whistles of later versions.

*edit: my mistake, it's actually in C:\Users\%username%\AppData\LocalLow\LastPass, not the browser profile.
 
How strong? How many bits?

Problem is I don't want to write down a long password and have to ask someone to get it every time I want to log in to something.

I would be using a key file as well on KeePass, which adds security.

Check here: https://www.grc.com/haystack.htm

Something as simple as Overcl0ckers! would take a "Massive Cracking Array (Assuming one hundred trillion guesses per second)" 1.65 hundred centuries to crack.
 
Check here: https://www.grc.com/haystack.htm

Something as simple as Overcl0ckers! would take a "Massive Cracking Array (Assuming one hundred trillion guesses per second)" 1.65 hundred centuries to crack.
I wouldn't rely on that too much - I think it's assuming a purely brute-force attack, and "Overcl0ckers!" isn't a truly random password. my1login reckons it's "medium" and would fall in 26 hours:
Hmm, using that password is like locking your front door, but leaving the key under the mat.
Your password is of medium strength because it contains 3 dictionary words.

This is quite an interesting read: http://www.dansdata.com/gz140.htm
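
The gap between a pure brute-force estimate and a pattern-aware one, as an added example that is not part of any post in this thread. The function names, the 1,000,000-word dictionary, the 365-day year and the substitution model are assumptions made for illustration; only the guess rate and the sample password come from the thread.

```python
import math

GUESSES_PER_SECOND = 1e14           # "one hundred trillion guesses per second" (quoted in the thread)
SECONDS_PER_YEAR = 365 * 24 * 3600  # assumption: 365-day year

def charset_size(password):
    """Alphabet a pure brute-force estimate assumes: every character class present."""
    size = 0
    if any(c.islower() for c in password):
        size += 26
    if any(c.isupper() for c in password):
        size += 26
    if any(c.isdigit() for c in password):
        size += 10
    if any(not c.isalnum() for c in password):
        size += 33                  # printable ASCII symbols, space included
    return size

def brute_force_space(password):
    """Every string of length 1..len(password) over that alphabet."""
    n = charset_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))

def pattern_space(dictionary_words, swappable_letters, symbols=33):
    """Constructed model: one dictionary word, first letter capitalised or not,
    each swappable letter (o/0, e/3, l/1, s/5) substituted or not, one trailing symbol."""
    return dictionary_words * 2 * 2 ** swappable_letters * symbols

def bits(space):
    return math.log2(space)

def years_to_exhaust(space, rate=GUESSES_PER_SECOND):
    return space / rate / SECONDS_PER_YEAR

if __name__ == "__main__":
    pw = "Overcl0ckers!"
    brute = brute_force_space(pw)
    # Assumptions: a 1,000,000-word list; "overclockers" has 6 swappable letters.
    guided = pattern_space(1_000_000, 6)
    print(f"brute force : {bits(brute):5.1f} bits, "
          f"{years_to_exhaust(brute) / 1e4:.2f} hundred centuries")
    print(f"pattern     : {bits(guided):5.1f} bits, "
          f"{guided / GUESSES_PER_SECOND:.6f} seconds")
```

The brute-force line reproduces the figure quoted from the haystack page; the pattern line comes from the constructed model above, not from my1login's algorithm, so it illustrates the direction of the gap rather than that site's 26-hour figure.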
 
I've been using KeePass for a while now, it's brilliant for the most part but very annoying when certain sites or games don't let you copy and paste into the password field, like the other day when I was trying to log in to Windows Live after installing GTA IV and kept having to tab out of the game. Worth it though.
 
I wouldn't rely on that too much - I think it's assuming a purely brute-force attack, and "Overcl0ckers!" isn't a truly random password. my1login reckons it's "medium" and would fall in 26 hours:


This is quite an interesting read: http://www.dansdata.com/gz140.htm

Meh, dictionary-based passwords are always daft. Mine are utterly random characters/letters/special characters which frankly make no sense and I can barely say them if I try. My LastPass one is over 16 characters long, still no idea how I manage to remember it! :D
 
My LastPass one is over 16 characters long, still no idea how I manage to remember it! :D
My LastPass master password is 26 characters. :p

It's not completely random, but there's enough randomness and non-obvious substitutions to make it pretty safe - according to my1login, it would take 2 hundred trillion years to crack it, which is well into the Universe's degenerate era. I doubt if even Nelson Mandela will be around by then. :)
 
My LastPass master password is 26 characters. :p

It's not completely random, but there's enough randomness and non-obvious substitutions to make it pretty safe - according to my1login, it would take 2 hundred trillion years to crack it, which is well into the Universe's degenerate era. I doubt if even Nelson Mandela will be around by then. :)
Tbh I wouldn't have put your real password on that site to check.
 
Has anyone imported a KeePass d/b into LastPass? I'm giving LP a try after using KeePass for years and a bunch of my logins in the database don't have a URL associated. With KP I would just cut and paste but obviously with LP it has the advantage of auto-recognising the site based on the URL.

There seems to be no easy way to update my existing entries in LP. I go to a site, log in, LP asks if I want to save the details and at that point I really want to "save to existing entry" to update the URL. Instead I have to save to create a new entry, edit it to copy the URL and paste into the old/pre-existing entry and then delete the new one.

Not the end of the world but I can't help but feel I'm missing a more obvious way to update an entry.

Any ideas?
 
I could put the database on my 4TB NAS; that way it'll be accessible to my devices but not to the internet. Is that a better idea?

I got to about 107 bits.

Sounds good. Don't forget to create a backup of the database on a regular basis, just in case.
 
Sounds good. Don't forget to create a backup of the database on a regular basis, just in case.
Well, my NAS automatically makes a second copy of everything.

Is it more secure if I use the hidden option and/or put the database in a RAR file which has a large file in it? That way "if" anyone tries to get it from my PC they would have to download a big file (upload from my PC) and I would easily know if the speed drops.
 
Sounds like a lot of hassle to me. The attacker could extract the archive to get the database.
 