On Friday, 11 April 2014 at 12:18:38 UTC, Steven Schveighoffer
wrote:
I use lastpass premium, $1/month. I started using it when a web
site that I created a user for, to comment *once* on an
article, ended up having its passwords stolen (in encrypted
form), and I realized I had used the same password as my bank,
credit card, email, etc.
A good article on password managers:
http://www.pcmag.com/article2/0,2817,2407168,00.asp
As a bonus, I keep all kinds of info in my last pass vault,
that I would normally have to write down (like safe
combinations, or key codes for doors). It's really cool to have
an infinite memory for infrequently used, but very important
things, that only I can access :)
They just updated their "challenge" tool to scour your
passwords, tell you which ones are for sites that were affected
by the heartbleed bug, whether those sites are now safe or not
(including whether the certificate is new or not), and whether
your password predates them making their site safe (so you
should go change the password).
-Steve
I second the endorsement for LastPass. I have over 200 passwords,
all unique to each site and all random characters, symbols, and
numbers between 12-64 characters in length (64 unless the site
restricts password length). There is a lot of peace of mind
knowing any site hacks that occur are isolated to one site and
not all the sites I used the password for.
