Is there a good way to store credentials outside of a password manager?Password manager vs password bookLooking for password manager in companyIs it a good idea to give users an additional password that they do not control?Web app crypto schemeWhat is the safest way to store passwords in a company for the case when the CISO leaves?How should I store a physical written copy of my password?How secure is a password protected file?Password manager vs password bookBest way to store Apple app-specific passwordaWallet Password ManagerHardware-Based Password Manager
Can a malicious addon access internet history and such in chrome/firefox?
Installing PowerShell on 32-bit Kali OS fails
Why are all the doors on Ferenginar (the Ferengi home world) far shorter than the average Ferengi?
Stereotypical names
Is it okay / does it make sense for another player to join a running game of Munchkin?
Can I rely on these GitHub repository files?
Is there a problem with hiding "forgot password" until it's needed?
When is separating the total wavefunction into a space part and a spin part possible?
Should my PhD thesis be submitted under my legal name?
node command while defining a coordinate in TikZ
Why are on-board computers allowed to change controls without notifying the pilots?
Is there enough fresh water in the world to eradicate the drinking water crisis?
What if somebody invests in my application?
How did Monica know how to operate Carol's "designer"?
Can I create an upright 7-foot × 5-foot wall with the Minor Illusion spell?
Bob has never been a M before
Invariance of results when scaling explanatory variables in logistic regression, is there a proof?
Why does this part of the Space Shuttle launch pad seem to be floating in air?
Superhero words!
Is there a good way to store credentials outside of a password manager?
Pronouncing Homer as in modern Greek
Modern Day Chaucer
How to check participants in at events?
Visiting the UK as unmarried couple
Is there a good way to store credentials outside of a password manager?
Password manager vs password bookLooking for password manager in companyIs it a good idea to give users an additional password that they do not control?Web app crypto schemeWhat is the safest way to store passwords in a company for the case when the CISO leaves?How should I store a physical written copy of my password?How secure is a password protected file?Password manager vs password bookBest way to store Apple app-specific passwordaWallet Password ManagerHardware-Based Password Manager
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
New contributor
add a comment |
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
New contributor
1
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
3 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
3 hours ago
4
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
2 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
1 hour ago
add a comment |
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
New contributor
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
passwords password-management
New contributor
New contributor
edited 3 hours ago
Jeff Ferland♦
34.5k778160
34.5k778160
New contributor
asked 3 hours ago
Hajar QhHajar Qh
61
61
New contributor
New contributor
1
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
3 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
3 hours ago
4
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
2 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
1 hour ago
add a comment |
1
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
3 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
3 hours ago
4
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
2 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
1 hour ago
1
1
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
3 hours ago
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
3 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
3 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
3 hours ago
4
4
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
2 hours ago
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
2 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
1 hour ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
1 hour ago
add a comment |
4 Answers
4
active
oldest
votes
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
New contributor
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
17 mins ago
add a comment |
If you're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breeches requiring a password reset
- Generate secure passwords
- Auto-fill passwords
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
New contributor
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
31 mins ago
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "162"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206090%2fis-there-a-good-way-to-store-credentials-outside-of-a-password-manager%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
add a comment |
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
add a comment |
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
answered 3 hours ago
ThoriumBRThoriumBR
23.8k75772
23.8k75772
add a comment |
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
New contributor
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
17 mins ago
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
New contributor
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
17 mins ago
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
New contributor
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
New contributor
edited 17 mins ago
schroeder♦
78k30173209
78k30173209
New contributor
answered 21 mins ago
ParisParis
1
1
New contributor
New contributor
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
17 mins ago
add a comment |
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
17 mins ago
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
17 mins ago
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
17 mins ago
add a comment |
If you're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breeches requiring a password reset
- Generate secure passwords
- Auto-fill passwords
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
add a comment |
If you're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breeches requiring a password reset
- Generate secure passwords
- Auto-fill passwords
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
add a comment |
If you're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breeches requiring a password reset
- Generate secure passwords
- Auto-fill passwords
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
If you're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breeches requiring a password reset
- Generate secure passwords
- Auto-fill passwords
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
answered 2 mins ago
SchwernSchwern
611311
611311
add a comment |
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
New contributor
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
31 mins ago
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
New contributor
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
31 mins ago
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
New contributor
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
New contributor
New contributor
answered 2 hours ago
user197001user197001
1
1
New contributor
New contributor
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
31 mins ago
add a comment |
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
31 mins ago
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
31 mins ago
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
31 mins ago
add a comment |
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Information Security Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206090%2fis-there-a-good-way-to-store-credentials-outside-of-a-password-manager%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
3 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
3 hours ago
4
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
2 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
1 hour ago