Is there a good way to store credentials outside of a password manager?Password manager vs password bookLooking for password manager in companyIs it a good idea to give users an additional password that they do not control?Web app crypto schemeWhat is the safest way to store passwords in a company for the case when the CISO leaves?How should I store a physical written copy of my password?How secure is a password protected file?Password manager vs password bookBest way to store Apple app-specific passwordaWallet Password ManagerHardware-Based Password Manager
Why does this part of the Space Shuttle launch pad seem to be floating in air?
Simulating a probability of 1 of 2^N with less than N random bits
word describing multiple paths to the same abstract outcome
Are Warlocks Arcane or Divine?
Can I create an upright 7-foot × 5-foot wall with the Minor Illusion spell?
node command while defining a coordinate in TikZ
What was required to accept "troll"?
Teaching indefinite integrals that require special-casing
Reply ‘no position’ while the job posting is still there (‘HiWi’ position in Germany)
For airliners, what prevents wing strikes on landing in bad weather?
What do you call the infoboxes with text and sometimes images on the side of a page we find in textbooks?
How to interpret the phrase "t’en a fait voir à toi"?
Is a naturally all "male" species possible?
The most efficient algorithm to find all possible integer pairs which sum to a given integer
Visiting the UK as unmarried couple
Why isn't KTEX's runway designation 10/28 instead of 9/27?
Can I Retrieve Email Addresses from BCC?
Calculating the number of days between 2 dates in Excel
Resetting two CD4017 counters simultaneously, only one resets
Latex for-and in equation
How can I successfully establish a nationwide combat training program for a large country?
Why are on-board computers allowed to change controls without notifying the pilots?
Can a Bard use an arcane focus?
Indicating multiple different modes of speech (fantasy language or telepathy)
Is there a good way to store credentials outside of a password manager?
Password manager vs password bookLooking for password manager in companyIs it a good idea to give users an additional password that they do not control?Web app crypto schemeWhat is the safest way to store passwords in a company for the case when the CISO leaves?How should I store a physical written copy of my password?How secure is a password protected file?Password manager vs password bookBest way to store Apple app-specific passwordaWallet Password ManagerHardware-Based Password Manager
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
New contributor
add a comment |
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
New contributor
2
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
4 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
4 hours ago
5
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
3 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
2 hours ago
add a comment |
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
New contributor
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
passwords password-management
New contributor
New contributor
edited 4 hours ago
Jeff Ferland♦
34.5k778160
34.5k778160
New contributor
asked 4 hours ago
Hajar QhHajar Qh
61
61
New contributor
New contributor
2
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
4 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
4 hours ago
5
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
3 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
2 hours ago
add a comment |
2
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
4 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
4 hours ago
5
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
3 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
2 hours ago
2
2
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
4 hours ago
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
4 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
4 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
4 hours ago
5
5
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
3 hours ago
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
3 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
2 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
2 hours ago
add a comment |
4 Answers
4
active
oldest
votes
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
New contributor
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
54 mins ago
add a comment |
You're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breaches
- Generate secure passwords
- Auto-fill passwords (avoids being shoulder surfed)
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
New contributor
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
1 hour ago
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "162"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206090%2fis-there-a-good-way-to-store-credentials-outside-of-a-password-manager%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
add a comment |
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
add a comment |
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
answered 4 hours ago
ThoriumBRThoriumBR
23.8k75772
23.8k75772
add a comment |
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
New contributor
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
54 mins ago
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
New contributor
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
54 mins ago
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
New contributor
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
New contributor
edited 54 mins ago
schroeder♦
78k30173209
78k30173209
New contributor
answered 58 mins ago
ParisParis
111
111
New contributor
New contributor
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
54 mins ago
add a comment |
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
54 mins ago
1
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
54 mins ago
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
54 mins ago
add a comment |
You're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breaches
- Generate secure passwords
- Auto-fill passwords (avoids being shoulder surfed)
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
add a comment |
You're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breaches
- Generate secure passwords
- Auto-fill passwords (avoids being shoulder surfed)
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
add a comment |
You're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breaches
- Generate secure passwords
- Auto-fill passwords (avoids being shoulder surfed)
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
You're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breaches
- Generate secure passwords
- Auto-fill passwords (avoids being shoulder surfed)
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
edited 34 mins ago
answered 39 mins ago
SchwernSchwern
621312
621312
add a comment |
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
New contributor
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
1 hour ago
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
New contributor
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
1 hour ago
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
New contributor
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
New contributor
New contributor
answered 3 hours ago
user197001user197001
1
1
New contributor
New contributor
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
1 hour ago
add a comment |
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
1 hour ago
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
1 hour ago
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
1 hour ago
add a comment |
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Information Security Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206090%2fis-there-a-good-way-to-store-credentials-outside-of-a-password-manager%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
2
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
4 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
4 hours ago
5
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
3 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
2 hours ago