• Activity
  • Votes
  • Comments
  • New
  • All activity
  • Showing only topics with the tag "security". Back to normal view
    1. After being skeptic of password managers for a long time, I've decided to take the plunge and get one installed. The burden of remembering dozens of passwords is simply getting a bit too much. So,...

      After being skeptic of password managers for a long time, I've decided to take the plunge and get one installed. The burden of remembering dozens of passwords is simply getting a bit too much. So, I was wondering if anyone here has any recommendations of password managers? Maybe one you or a trusted friend use? Or maybe you think password managers are rubbish, and want to share you opinion?

      Any suggestions are welcome, in the interest of fostering discussion/having the thread be useful to other people too. But in my specific use case, I want to be able to sync between devices. I'd prefer something open source, but it's not a requirement.

      25 votes
    2. I thought I've been looking for a good password manager, but I'm not sure that's what I really need. Here's my use case: I currently have a Google Sheet in my Google Drive that contains all my...

      I thought I've been looking for a good password manager, but I'm not sure that's what I really need.

      Here's my use case:

      • I currently have a Google Sheet in my Google Drive that contains all my ID/passwords for everything
      • In addition I have personal info in there like SSNs and Credit Cards #s
      • I want to be able to have instant access to all of the info from my ancient iPhone and my laptop

      Things I've tried:

      • I messed around with Last Pass a bit and found it couldn't actually fill in the passwords in the apps I was using so I'd have to manually type them, which is a deal breaker for me.
      • I've been using FireFox's LockBox and it's a bit better on that front but doesn't actually remember what the password goes to the app so I have to look it up each time, but it does populate them in the appropriate fields.
      • Password-protecting a Google Sheet is apparently impossible but was a solution I was after for some time (Excel and Libre can do this..so +1 for software)

      Other info:

      • I am currently using an iPhone 5 but I plan to "upgrade" to a Samsung Galaxy S7 sometime in the near future. Perhaps that's why the functionality of these password managers seem so inconvenient for me? Would they work better on a modern phone?

      What I'm after is perhaps two solutions:

      • A password manager that crosses the bridge from desktop FireFox to the apps on my phone, and fills in the password for me automatically. That would allow me to feel like I could move to more random passwords for things.

      • Some encrypted, password-protected site/app that could store plain text notes for sensitive things like SSNs and Credit Card #s that would stay in sync between a laptop and a smartphone.

      Go ahead and mock me for my terrible security and ancient phone. I deserve it! But when you're done, I'd appreciate some guidance.

      EDIT: Sounds like first priority should be to update my phone. Then there appear to be plenty of options to try. Thanks everyone so much!

      18 votes
    3. edit: Problem solved, davidb informed me about the vulnerability in version 3.0.4, and that it is fixed in the new version 3.0.6. Somehow Spyhunter thinks i still use 3.0.4, which in turn is the...

      edit: Problem solved, davidb informed me about the vulnerability in version 3.0.4, and that it is fixed in the new version 3.0.6. Somehow Spyhunter thinks i still use 3.0.4, which in turn is the actual problem i had with Spyhunter, not VLC.

      Spyhunter 5 has been bothering me about potential data leaks from vlc media player. The vulnerability is generally based on publicly available information.
      It would be a shame if i have to switch, been using vlc for as long as i remember. It is probably the best media player out there, but i hate sharing my personal data in any way or form.

      Spyhunter msg:

      • Severity: Medium, VLC media player (Version 3.0.4)
        • The CAF demuxer in modules/demux/cad.c in VideoLan media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in Caf files, because a ReadKukiChunk() cast converts a return value to an unsigned int, even if that value is negative. This could result in a denial of service and/or potential infoleak.

      Is this even anything to care about? I have updated VLC including removing cashe and still get the alert. Is a rollback another option perhaps?

      5 votes