|
Size: 1124
Comment:
|
Size: 1619
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| ## page was renamed from PasswordTool = Password Management Tool = * There are a lot of tools which try to help you organize your passwords. * We chose '''KeepassXC'''' - http://www.keepass.info/ |
= Password Management = |
| Line 6: | Line 3: |
| * It's available for Linux, Windows, Mac, iPhone and Android. | == Important advises == |
| Line 8: | Line 5: |
| * We do not recommend to us an online password manager - those are under constant hacker attacks, and lot of them have been already hacked. | * Use different passwords for your online accounts. * Whenever possible, activate multi factor authentication (MFA) - even if this is pain at the beginning, as soon as you have been hacked, you will change your mind. * Save your passwords in a secure way (not in .docx or .xlsx or whatever). * Take care that you have access to your personal credentials, even if there is no internet available. |
| Line 10: | Line 10: |
| = Installation = | == FAQ == |
| Line 12: | Line 12: |
| * Thinlinc: keepass is already installed. * Personal computer / phone: download or check the App Store. |
* Q: Why different passwords? |
| Line 15: | Line 14: |
| = Best practice = | * A: If a hacker get's your password, the first thing he will do is to try the capured password on all major online services (gmail, whatsapp, spotify, ...) |
| Line 17: | Line 16: |
| * The password manager stores all credentials in one file. * This file is encrypted with your master password - Choose a strong password. * Save the database file in a directory which is synchronised on all of your devices (phone, tablet, notebook, thinlinc) * To synchronize all your devices, [[drive.math.uzh.ch]] (I-MATH), [[drive.switch.ch]] (UZH, recommended), OneDrive, Dropbox or GoogleDrive. * Practice the use of the password manager, take care that the sync is always running * You can also put scans of important documents in keepass! |
* Q: Should I use an online password service like lastpass, 1password, ... * That's your decision. Some of them have been hacked already ([[https://www.heise.de/news/Passwortmanager-LastPass-Hacker-scheinen-Kennworttresore-zu-knacken-9300583.html|Lastpass hacked]]) * Q: Is it ok to save my passwords in the browser? * A: This is a personal decision and no clear yes/no. You definetly should use a strong master password. * Q: Is it ok to Mac OS X Keychain or Microsoft Windows Credential Manager? * A: This is fine with one added requirement: you should have an offline backup! Just imagine your Apple ID or Microsoft account will be locked by Apple or Microsoft! You will not be the first person and it is really really hard to get the account back ([[https://www.heise.de/select/ct/2022/24/2227209284720057373|Microsoft sperrt Account]]) * Q: What is your advice to manage passwords? * A: Use [[keepassx]]. |
Password Management
Important advises
- Use different passwords for your online accounts.
- Whenever possible, activate multi factor authentication (MFA) - even if this is pain at the beginning, as soon as you have been hacked, you will change your mind.
- Save your passwords in a secure way (not in .docx or .xlsx or whatever).
- Take care that you have access to your personal credentials, even if there is no internet available.
FAQ
- Q: Why different passwords?
- A: If a hacker get's your password, the first thing he will do is to try the capured password on all major online services (gmail, whatsapp, spotify, ...)
- Q: Should I use an online password service like lastpass, 1password, ...
That's your decision. Some of them have been hacked already (Lastpass hacked)
- Q: Is it ok to save my passwords in the browser?
- A: This is a personal decision and no clear yes/no. You definetly should use a strong master password.
- Q: Is it ok to Mac OS X Keychain or Microsoft Windows Credential Manager?
A: This is fine with one added requirement: you should have an offline backup! Just imagine your Apple ID or Microsoft account will be locked by Apple or Microsoft! You will not be the first person and it is really really hard to get the account back (Microsoft sperrt Account)
- Q: What is your advice to manage passwords?
A: Use keepassx.