Is there a good way to store credentials outside of a password manager?












6















A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?










share|improve this question









New contributor




Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 3





    Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.

    – Polynomial
    9 hours ago











  • Maybe ask IT if they have a recommended solution. They may already have some software they allow.

    – Daisetsu
    9 hours ago






  • 11





    What is it about the recommendations/feedback that’s made you hesitant?

    – Ry-
    8 hours ago











  • Potential duplicate? security.stackexchange.com/questions/175075/…

    – schroeder
    8 hours ago











  • Depending on your threat model, pen and paper may not be a bad choice.

    – MooseBoys
    1 hour ago
















6















A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?










share|improve this question









New contributor




Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 3





    Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.

    – Polynomial
    9 hours ago











  • Maybe ask IT if they have a recommended solution. They may already have some software they allow.

    – Daisetsu
    9 hours ago






  • 11





    What is it about the recommendations/feedback that’s made you hesitant?

    – Ry-
    8 hours ago











  • Potential duplicate? security.stackexchange.com/questions/175075/…

    – schroeder
    8 hours ago











  • Depending on your threat model, pen and paper may not be a bad choice.

    – MooseBoys
    1 hour ago














6












6








6








A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?










share|improve this question









New contributor




Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?







passwords password-management






share|improve this question









New contributor




Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 9 hours ago









Jeff Ferland

34.5k778160




34.5k778160






New contributor




Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 9 hours ago









Hajar QhHajar Qh

311




311




New contributor




Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 3





    Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.

    – Polynomial
    9 hours ago











  • Maybe ask IT if they have a recommended solution. They may already have some software they allow.

    – Daisetsu
    9 hours ago






  • 11





    What is it about the recommendations/feedback that’s made you hesitant?

    – Ry-
    8 hours ago











  • Potential duplicate? security.stackexchange.com/questions/175075/…

    – schroeder
    8 hours ago











  • Depending on your threat model, pen and paper may not be a bad choice.

    – MooseBoys
    1 hour ago














  • 3





    Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.

    – Polynomial
    9 hours ago











  • Maybe ask IT if they have a recommended solution. They may already have some software they allow.

    – Daisetsu
    9 hours ago






  • 11





    What is it about the recommendations/feedback that’s made you hesitant?

    – Ry-
    8 hours ago











  • Potential duplicate? security.stackexchange.com/questions/175075/…

    – schroeder
    8 hours ago











  • Depending on your threat model, pen and paper may not be a bad choice.

    – MooseBoys
    1 hour ago








3




3





Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.

– Polynomial
9 hours ago





Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.

– Polynomial
9 hours ago













Maybe ask IT if they have a recommended solution. They may already have some software they allow.

– Daisetsu
9 hours ago





Maybe ask IT if they have a recommended solution. They may already have some software they allow.

– Daisetsu
9 hours ago




11




11





What is it about the recommendations/feedback that’s made you hesitant?

– Ry-
8 hours ago





What is it about the recommendations/feedback that’s made you hesitant?

– Ry-
8 hours ago













Potential duplicate? security.stackexchange.com/questions/175075/…

– schroeder
8 hours ago





Potential duplicate? security.stackexchange.com/questions/175075/…

– schroeder
8 hours ago













Depending on your threat model, pen and paper may not be a bad choice.

– MooseBoys
1 hour ago





Depending on your threat model, pen and paper may not be a bad choice.

– MooseBoys
1 hour ago










5 Answers
5






active

oldest

votes


















16














Install a password manager. A good password manager is much, much better than anything you can do by yourself.



They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.






share|improve this answer



















  • 1





    how does one know which is a good password manage and if they actually follow all the strict development rules ?

    – Nigel Fds
    5 hours ago






  • 3





    @NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments

    – Schwern
    4 hours ago











  • I use Enpass and it's very well written.

    – ThoriumBR
    4 hours ago













  • @Schwern awesome, that's good to know

    – Nigel Fds
    3 hours ago



















6














You're probably referring to the recent articles about flaws in password managers.





  • Password managers have a security flaw. But you should still use one. (Washington Post)


  • Password managers leaking data in memory, but you should still use one. (Sophos)


Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...



All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.



1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.



Password managers can do other things to add to your security.




  • Share and manage your passwords between all your devices, including mobile devices.

  • Share and manage passwords and credentials with co-workers.

  • Store more than just passwords securely.


    • GPG and SSH keys and passphrases


    • One-time password generators

    • Recovery keys

    • Security questions

    • API keys

    • Notes



  • Inform you of insecure passwords


    • Reused passwords

    • Password breaches



  • Generate secure passwords

  • Auto-fill passwords (avoids being shoulder surfed)

  • Auto-record new accounts


These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.






share|improve this answer

































    2














    Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!



    But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.






    share|improve this answer










    New contributor




    Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.
















    • 1





      I think that the hesitation is with using a password manager in general, not the local install.

      – schroeder
      6 hours ago











    • But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)

      – Paris
      5 hours ago



















    0














    The safest place to store a password is nowhere. It should be a secure token that only exists in the memory of the holder. Unfortunately, many use a password that is too simple and insecure, for the purpose of making it easier to remember. In contrast, more secure passwords are more difficult to remember (for most people).



    If you cannot rely on your memory, you should definitely use a password manager. Password managers prevent even physical access from compromising your passwords. A little physical password book is only as good as the lock on your door, which is far less secure than a master password for a password manager that's stored only in your memory.






    share|improve this answer








    New contributor




    owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.




























      -2














      If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.






      share|improve this answer








      New contributor




      user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.
















      • 1





        This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.

        – Schwern
        6 hours ago













      • Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.

        – ThoriumBR
        4 hours ago











      Your Answer








      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "162"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: false,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: null,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      noCode: true, onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });






      Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.










      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206090%2fis-there-a-good-way-to-store-credentials-outside-of-a-password-manager%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      5 Answers
      5






      active

      oldest

      votes








      5 Answers
      5






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      16














      Install a password manager. A good password manager is much, much better than anything you can do by yourself.



      They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.






      share|improve this answer



















      • 1





        how does one know which is a good password manage and if they actually follow all the strict development rules ?

        – Nigel Fds
        5 hours ago






      • 3





        @NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments

        – Schwern
        4 hours ago











      • I use Enpass and it's very well written.

        – ThoriumBR
        4 hours ago













      • @Schwern awesome, that's good to know

        – Nigel Fds
        3 hours ago
















      16














      Install a password manager. A good password manager is much, much better than anything you can do by yourself.



      They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.






      share|improve this answer



















      • 1





        how does one know which is a good password manage and if they actually follow all the strict development rules ?

        – Nigel Fds
        5 hours ago






      • 3





        @NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments

        – Schwern
        4 hours ago











      • I use Enpass and it's very well written.

        – ThoriumBR
        4 hours ago













      • @Schwern awesome, that's good to know

        – Nigel Fds
        3 hours ago














      16












      16








      16







      Install a password manager. A good password manager is much, much better than anything you can do by yourself.



      They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.






      share|improve this answer













      Install a password manager. A good password manager is much, much better than anything you can do by yourself.



      They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.







      share|improve this answer












      share|improve this answer



      share|improve this answer










      answered 9 hours ago









      ThoriumBRThoriumBR

      23.9k75773




      23.9k75773








      • 1





        how does one know which is a good password manage and if they actually follow all the strict development rules ?

        – Nigel Fds
        5 hours ago






      • 3





        @NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments

        – Schwern
        4 hours ago











      • I use Enpass and it's very well written.

        – ThoriumBR
        4 hours ago













      • @Schwern awesome, that's good to know

        – Nigel Fds
        3 hours ago














      • 1





        how does one know which is a good password manage and if they actually follow all the strict development rules ?

        – Nigel Fds
        5 hours ago






      • 3





        @NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments

        – Schwern
        4 hours ago











      • I use Enpass and it's very well written.

        – ThoriumBR
        4 hours ago













      • @Schwern awesome, that's good to know

        – Nigel Fds
        3 hours ago








      1




      1





      how does one know which is a good password manage and if they actually follow all the strict development rules ?

      – Nigel Fds
      5 hours ago





      how does one know which is a good password manage and if they actually follow all the strict development rules ?

      – Nigel Fds
      5 hours ago




      3




      3





      @NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments

      – Schwern
      4 hours ago





      @NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments

      – Schwern
      4 hours ago













      I use Enpass and it's very well written.

      – ThoriumBR
      4 hours ago







      I use Enpass and it's very well written.

      – ThoriumBR
      4 hours ago















      @Schwern awesome, that's good to know

      – Nigel Fds
      3 hours ago





      @Schwern awesome, that's good to know

      – Nigel Fds
      3 hours ago













      6














      You're probably referring to the recent articles about flaws in password managers.





      • Password managers have a security flaw. But you should still use one. (Washington Post)


      • Password managers leaking data in memory, but you should still use one. (Sophos)


      Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...



      All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.



      1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.



      Password managers can do other things to add to your security.




      • Share and manage your passwords between all your devices, including mobile devices.

      • Share and manage passwords and credentials with co-workers.

      • Store more than just passwords securely.


        • GPG and SSH keys and passphrases


        • One-time password generators

        • Recovery keys

        • Security questions

        • API keys

        • Notes



      • Inform you of insecure passwords


        • Reused passwords

        • Password breaches



      • Generate secure passwords

      • Auto-fill passwords (avoids being shoulder surfed)

      • Auto-record new accounts


      These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.






      share|improve this answer






























        6














        You're probably referring to the recent articles about flaws in password managers.





        • Password managers have a security flaw. But you should still use one. (Washington Post)


        • Password managers leaking data in memory, but you should still use one. (Sophos)


        Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...



        All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.



        1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.



        Password managers can do other things to add to your security.




        • Share and manage your passwords between all your devices, including mobile devices.

        • Share and manage passwords and credentials with co-workers.

        • Store more than just passwords securely.


          • GPG and SSH keys and passphrases


          • One-time password generators

          • Recovery keys

          • Security questions

          • API keys

          • Notes



        • Inform you of insecure passwords


          • Reused passwords

          • Password breaches



        • Generate secure passwords

        • Auto-fill passwords (avoids being shoulder surfed)

        • Auto-record new accounts


        These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.






        share|improve this answer




























          6












          6








          6







          You're probably referring to the recent articles about flaws in password managers.





          • Password managers have a security flaw. But you should still use one. (Washington Post)


          • Password managers leaking data in memory, but you should still use one. (Sophos)


          Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...



          All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.



          1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.



          Password managers can do other things to add to your security.




          • Share and manage your passwords between all your devices, including mobile devices.

          • Share and manage passwords and credentials with co-workers.

          • Store more than just passwords securely.


            • GPG and SSH keys and passphrases


            • One-time password generators

            • Recovery keys

            • Security questions

            • API keys

            • Notes



          • Inform you of insecure passwords


            • Reused passwords

            • Password breaches



          • Generate secure passwords

          • Auto-fill passwords (avoids being shoulder surfed)

          • Auto-record new accounts


          These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.






          share|improve this answer















          You're probably referring to the recent articles about flaws in password managers.





          • Password managers have a security flaw. But you should still use one. (Washington Post)


          • Password managers leaking data in memory, but you should still use one. (Sophos)


          Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...



          All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.



          1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.



          Password managers can do other things to add to your security.




          • Share and manage your passwords between all your devices, including mobile devices.

          • Share and manage passwords and credentials with co-workers.

          • Store more than just passwords securely.


            • GPG and SSH keys and passphrases


            • One-time password generators

            • Recovery keys

            • Security questions

            • API keys

            • Notes



          • Inform you of insecure passwords


            • Reused passwords

            • Password breaches



          • Generate secure passwords

          • Auto-fill passwords (avoids being shoulder surfed)

          • Auto-record new accounts


          These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 6 hours ago

























          answered 6 hours ago









          SchwernSchwern

          671312




          671312























              2














              Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!



              But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.






              share|improve this answer










              New contributor




              Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.
















              • 1





                I think that the hesitation is with using a password manager in general, not the local install.

                – schroeder
                6 hours ago











              • But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)

                – Paris
                5 hours ago
















              2














              Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!



              But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.






              share|improve this answer










              New contributor




              Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.
















              • 1





                I think that the hesitation is with using a password manager in general, not the local install.

                – schroeder
                6 hours ago











              • But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)

                – Paris
                5 hours ago














              2












              2








              2







              Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!



              But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.






              share|improve this answer










              New contributor




              Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.










              Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!



              But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.







              share|improve this answer










              New contributor




              Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.









              share|improve this answer



              share|improve this answer








              edited 6 hours ago









              schroeder

              78k30173209




              78k30173209






              New contributor




              Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.









              answered 6 hours ago









              ParisParis

              211




              211




              New contributor




              Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.





              New contributor





              Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.






              Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.








              • 1





                I think that the hesitation is with using a password manager in general, not the local install.

                – schroeder
                6 hours ago











              • But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)

                – Paris
                5 hours ago














              • 1





                I think that the hesitation is with using a password manager in general, not the local install.

                – schroeder
                6 hours ago











              • But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)

                – Paris
                5 hours ago








              1




              1





              I think that the hesitation is with using a password manager in general, not the local install.

              – schroeder
              6 hours ago





              I think that the hesitation is with using a password manager in general, not the local install.

              – schroeder
              6 hours ago













              But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)

              – Paris
              5 hours ago





              But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)

              – Paris
              5 hours ago











              0














              The safest place to store a password is nowhere. It should be a secure token that only exists in the memory of the holder. Unfortunately, many use a password that is too simple and insecure, for the purpose of making it easier to remember. In contrast, more secure passwords are more difficult to remember (for most people).



              If you cannot rely on your memory, you should definitely use a password manager. Password managers prevent even physical access from compromising your passwords. A little physical password book is only as good as the lock on your door, which is far less secure than a master password for a password manager that's stored only in your memory.






              share|improve this answer








              New contributor




              owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.

























                0














                The safest place to store a password is nowhere. It should be a secure token that only exists in the memory of the holder. Unfortunately, many use a password that is too simple and insecure, for the purpose of making it easier to remember. In contrast, more secure passwords are more difficult to remember (for most people).



                If you cannot rely on your memory, you should definitely use a password manager. Password managers prevent even physical access from compromising your passwords. A little physical password book is only as good as the lock on your door, which is far less secure than a master password for a password manager that's stored only in your memory.






                share|improve this answer








                New contributor




                owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.























                  0












                  0








                  0







                  The safest place to store a password is nowhere. It should be a secure token that only exists in the memory of the holder. Unfortunately, many use a password that is too simple and insecure, for the purpose of making it easier to remember. In contrast, more secure passwords are more difficult to remember (for most people).



                  If you cannot rely on your memory, you should definitely use a password manager. Password managers prevent even physical access from compromising your passwords. A little physical password book is only as good as the lock on your door, which is far less secure than a master password for a password manager that's stored only in your memory.






                  share|improve this answer








                  New contributor




                  owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.










                  The safest place to store a password is nowhere. It should be a secure token that only exists in the memory of the holder. Unfortunately, many use a password that is too simple and insecure, for the purpose of making it easier to remember. In contrast, more secure passwords are more difficult to remember (for most people).



                  If you cannot rely on your memory, you should definitely use a password manager. Password managers prevent even physical access from compromising your passwords. A little physical password book is only as good as the lock on your door, which is far less secure than a master password for a password manager that's stored only in your memory.







                  share|improve this answer








                  New contributor




                  owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  share|improve this answer



                  share|improve this answer






                  New contributor




                  owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  answered 3 hours ago









                  owacoderowacoder

                  1011




                  1011




                  New contributor




                  owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.





                  New contributor





                  owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.






                  owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.























                      -2














                      If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.






                      share|improve this answer








                      New contributor




                      user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.
















                      • 1





                        This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.

                        – Schwern
                        6 hours ago













                      • Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.

                        – ThoriumBR
                        4 hours ago
















                      -2














                      If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.






                      share|improve this answer








                      New contributor




                      user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.
















                      • 1





                        This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.

                        – Schwern
                        6 hours ago













                      • Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.

                        – ThoriumBR
                        4 hours ago














                      -2












                      -2








                      -2







                      If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.






                      share|improve this answer








                      New contributor




                      user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.










                      If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.







                      share|improve this answer








                      New contributor




                      user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.









                      share|improve this answer



                      share|improve this answer






                      New contributor




                      user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.









                      answered 8 hours ago









                      user197001user197001

                      1




                      1




                      New contributor




                      user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.





                      New contributor





                      user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.






                      user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.








                      • 1





                        This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.

                        – Schwern
                        6 hours ago













                      • Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.

                        – ThoriumBR
                        4 hours ago














                      • 1





                        This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.

                        – Schwern
                        6 hours ago













                      • Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.

                        – ThoriumBR
                        4 hours ago








                      1




                      1





                      This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.

                      – Schwern
                      6 hours ago







                      This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.

                      – Schwern
                      6 hours ago















                      Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.

                      – ThoriumBR
                      4 hours ago





                      Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.

                      – ThoriumBR
                      4 hours ago










                      Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.










                      draft saved

                      draft discarded


















                      Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.













                      Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.












                      Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
















                      Thanks for contributing an answer to Information Security Stack Exchange!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206090%2fis-there-a-good-way-to-store-credentials-outside-of-a-password-manager%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      Popular posts from this blog

                      A CLEAN and SIMPLE way to add appendices to Table of Contents and bookmarks

                      Calculate evaluation metrics using cross_val_predict sklearn

                      Insert data from modal to MySQL (multiple modal on website)