Password manager advice please

[Arbiter051]

So today when I finally got to my computer, I booted up Firefox and was met with a big red bar at the bottom and it said something along the lines of.

Your passwords are at risk. Download a password manager etc...

Now being the paranoid person I am, I thoroughly scanned my computer and found nothing malaicious so I figured it was one of my adblockers giving me this message since it gave me the option to not show me again.

I write all my passwords down in a book as they are random crap I type and are very long.

Should I use a password manager? Is it safer or not necessary?

If it is widely suggested to use one, any recommendations would be appreciated please. Also are they easily compromised? It's why I haven't used a pw manager before, one place to keep all your passwords seems a little scary to me.

Thank you

 

[t53186]

Sound to me like the password manager you are using is working just fine. Companies like to fish for suckers, even for a couple bucks.

Just use some basic safe practices, don't give your credentials to anyone, don't use autostore, auto insert, autosave, or whatever in a web browser, don't go to places on the web where you don't belong.

 

[margibso]

Everyone should use a password manager. The two big rules of password security are:
1. Don't re-use passwords or use the same password on more than one site
2. Change your passwords every few months

Things like adding capitalization or numbers to your password are just window dressing, those two rules are what's important. It's also just about impossible for the normal person to follow these rules without the help of a password manager.

Also, about your concerns about having all of you passwords in one place. It is true that if someone gets into your password manager they will have access to everything, but this is EXTREMELY unlikely to happen. First your passwords are stored locally so the hacker would have to physically be at your computer and second the files are encrypted so unless the hacker (the one physically at your machine) knows the password to break the encryption the file will be useless to them. It's still the most secure option for dealing with your passwords.

I like to use keepass2. It's a free open source manager that organizes your passwords into an encrypted file. There are a bunch of good options out there. What's most important is to have one at all.

 

[Arbiter051]

Sound to me like the password manager you are using is working just fine. Companies like to fish for suckers, even for a couple bucks.

Just use some basic safe practices, don't give your credentials to anyone, don't use autostore, auto insert, autosave, or whatever in a web browser, don't go to places on the web where you don't belong.

Don't go to places where you don't belong... man if I had a dollar for every time I was told that haha

 

[Solandri]

I write all my passwords down in a book as they are random crap I type and are very long.

Should I use a password manager? Is it safer or not necessary?

What happens if you lose your book? Or your house gets robbed and a burglar gets your book?

A password manager like KeePass lets you export your passwords into an encrypted file. You can then store copies of that file on multiple computers, your backup drive, and in your cloud storage accounts. If your computer HDD fails, your laptop gets stolen, and your house burns down destroying your backup drive, your passwords are still safe and retrievable from your cloud storage. (Note - some password managers require you to pay them for cloud backup of your passwords. KeePass is open source so you get all the features for free, albeit you may have to work a little more to get it working.)

It's the 21st century. Use the advantages of a 21st century method of storing your passwords. Don't rely on the 3rd century method of writing important info on paper.