Is there a good way to store credentials outside of a password manager?
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
edited 9 hours ago
Jeff Ferland♦
34.5k778160
asked 9 hours ago
Hajar QhHajar Qh
311
New contributor
Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
edited 9 hours ago
Jeff Ferland♦
34.5k778160
asked 9 hours ago
Hajar QhHajar Qh
311
New contributor
Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
3
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
9 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
9 hours ago
11
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
8 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
8 hours ago
Depending on your threat model, pen and paper may not be a bad choice.
– MooseBoys
1 hour ago
add a comment |
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
edited 9 hours ago
Jeff Ferland♦
34.5k778160
asked 9 hours ago
Hajar QhHajar Qh
311
New contributor
Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
A lot of the users in my company are using their agendas to write down their password and usernames, or Excel sheets with a protected password. I'm hesitant to install software for password management after reading recommendations/feedback on them. Is there any other secure and user-friendly solution to store passwords?
passwords password-management
passwords password-management
edited 9 hours ago
Jeff Ferland♦
34.5k778160
asked 9 hours ago
Hajar QhHajar Qh
311
New contributor
Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 9 hours ago
Jeff Ferland♦
34.5k778160
asked 9 hours ago
Hajar QhHajar Qh
311
New contributor
Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 9 hours ago
Jeff Ferland♦
34.5k778160
edited 9 hours ago
Jeff Ferland♦
34.5k778160
edited 9 hours ago
Jeff Ferland♦
34.5k778160
34.5k778160
asked 9 hours ago
Hajar QhHajar Qh
311
New contributor
Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 9 hours ago
Hajar QhHajar Qh
311
asked 9 hours ago
Hajar QhHajar Qh
311
311
New contributor
Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Hajar Qh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
3
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
9 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
9 hours ago
11
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
8 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
8 hours ago
Depending on your threat model, pen and paper may not be a bad choice.
– MooseBoys
1 hour ago
add a comment |
3
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
9 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
9 hours ago
11
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
8 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
8 hours ago
Depending on your threat model, pen and paper may not be a bad choice.
– MooseBoys
1 hour ago
3
3
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
9 hours ago
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
9 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
9 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
9 hours ago
11
11
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
8 hours ago
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
8 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
8 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
8 hours ago
Depending on your threat model, pen and paper may not be a bad choice.
– MooseBoys
1 hour ago
Depending on your threat model, pen and paper may not be a bad choice.
– MooseBoys
1 hour ago
add a comment |
5 Answers
5
active
oldest
votes
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
answered 9 hours ago
ThoriumBRThoriumBR
23.9k75773
1
how does one know which is a good password manage and if they actually follow all the strict development rules ?
– Nigel Fds
5 hours ago
3
@NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments
– Schwern
4 hours ago
I use Enpass and it's very well written.
– ThoriumBR
4 hours ago
@Schwern awesome, that's good to know
– Nigel Fds
3 hours ago
add a comment |
You're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breaches
- Generate secure passwords
- Auto-fill passwords (avoids being shoulder surfed)
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
answered 6 hours ago
SchwernSchwern
671312
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
edited 6 hours ago
schroeder♦
78k30173209
answered 6 hours ago
ParisParis
211
New contributor
Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
6 hours ago
But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)
– Paris
5 hours ago
add a comment |
The safest place to store a password is nowhere. It should be a secure token that only exists in the memory of the holder. Unfortunately, many use a password that is too simple and insecure, for the purpose of making it easier to remember. In contrast, more secure passwords are more difficult to remember (for most people).
If you cannot rely on your memory, you should definitely use a password manager. Password managers prevent even physical access from compromising your passwords. A little physical password book is only as good as the lock on your door, which is far less secure than a master password for a password manager that's stored only in your memory.
answered 3 hours ago
owacoderowacoder
1011
New contributor
owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
answered 8 hours ago
user197001user197001
1
New contributor
user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
6 hours ago
Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.
– ThoriumBR
4 hours ago
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "162"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206090%2fis-there-a-good-way-to-store-credentials-outside-of-a-password-manager%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
5 Answers
5
active
oldest
votes
5 Answers
5
active
oldest
votes
active
oldest
votes
active
oldest
votes
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
answered 9 hours ago
ThoriumBRThoriumBR
23.9k75773
1
how does one know which is a good password manage and if they actually follow all the strict development rules ?
– Nigel Fds
5 hours ago
3
@NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments
– Schwern
4 hours ago
I use Enpass and it's very well written.
– ThoriumBR
4 hours ago
@Schwern awesome, that's good to know
– Nigel Fds
3 hours ago
add a comment |
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
answered 9 hours ago
ThoriumBRThoriumBR
23.9k75773
1
how does one know which is a good password manage and if they actually follow all the strict development rules ?
– Nigel Fds
5 hours ago
3
@NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments
– Schwern
4 hours ago
I use Enpass and it's very well written.
– ThoriumBR
4 hours ago
@Schwern awesome, that's good to know
– Nigel Fds
3 hours ago
add a comment |
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
answered 9 hours ago
ThoriumBRThoriumBR
23.9k75773
Install a password manager. A good password manager is much, much better than anything you can do by yourself.
They are software created by security professionals, follow strict development rules, and are tested by a lot of people, and attacked by a lot of people. They have better chance of protecting your passwords than anything invented by the average, even the above average user.
answered 9 hours ago
ThoriumBRThoriumBR
23.9k75773
answered 9 hours ago
ThoriumBRThoriumBR
23.9k75773
answered 9 hours ago
ThoriumBRThoriumBR
23.9k75773
answered 9 hours ago
ThoriumBRThoriumBR
23.9k75773
23.9k75773
1
how does one know which is a good password manage and if they actually follow all the strict development rules ?
– Nigel Fds
5 hours ago
3
@NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments
– Schwern
4 hours ago
I use Enpass and it's very well written.
– ThoriumBR
4 hours ago
@Schwern awesome, that's good to know
– Nigel Fds
3 hours ago
add a comment |
1
how does one know which is a good password manage and if they actually follow all the strict development rules ?
– Nigel Fds
5 hours ago
3
@NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments
– Schwern
4 hours ago
I use Enpass and it's very well written.
– ThoriumBR
4 hours ago
@Schwern awesome, that's good to know
– Nigel Fds
3 hours ago
1
1
how does one know which is a good password manage and if they actually follow all the strict development rules ?
– Nigel Fds
5 hours ago
how does one know which is a good password manage and if they actually follow all the strict development rules ?
– Nigel Fds
5 hours ago
3
3
@NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments
– Schwern
4 hours ago
@NigelFds Some, like Password, get audited by 3rd parties. support.1password.com/security-assessments
– Schwern
4 hours ago
I use Enpass and it's very well written.
– ThoriumBR
4 hours ago
I use Enpass and it's very well written.
– ThoriumBR
4 hours ago
@Schwern awesome, that's good to know
– Nigel Fds
3 hours ago
@Schwern awesome, that's good to know
– Nigel Fds
3 hours ago
add a comment |
You're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breaches
- Generate secure passwords
- Auto-fill passwords (avoids being shoulder surfed)
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
answered 6 hours ago
SchwernSchwern
671312
add a comment |
You're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breaches
- Generate secure passwords
- Auto-fill passwords (avoids being shoulder surfed)
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
answered 6 hours ago
SchwernSchwern
671312
add a comment |
You're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breaches
- Generate secure passwords
- Auto-fill passwords (avoids being shoulder surfed)
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
answered 6 hours ago
SchwernSchwern
671312
You're probably referring to the recent articles about flaws in password managers.
Password managers have a security flaw. But you should still use one. (Washington Post)
Password managers leaking data in memory, but you should still use one. (Sophos)
Its right there in the titles, password managers have flaws and you should still use one because they're more secure than what many folks do, like keeping passwords in Excel, emailing them around, pasting them into chat where they'll be logged by everyone...
All software has flaws. Password managers, and security software in general, is held to a higher standard than run-of-the-mill software. The flaws these articles are talking about in password managers are not rookie mistakes, but risk trade-offs.
1Password has a write up about the latest flaw. It's not a mistake as it is a consequence of a trade-off to avoid other worse memory bugs. The important bit is that your computer must already be compromised and you have recently typed in your master password. If your computer is already compromised, keeping your passwords in an Excel spreadsheet offers you no protection.
Password managers can do other things to add to your security.
- Share and manage your passwords between all your devices, including mobile devices.
- Share and manage passwords and credentials with co-workers.
- Store more than just passwords securely.
- GPG and SSH keys and passphrases
One-time password generators- Recovery keys
- Security questions
- API keys
- Notes
- Inform you of insecure passwords
- Reused passwords
- Password breaches
- Generate secure passwords
- Auto-fill passwords (avoids being shoulder surfed)
- Auto-record new accounts
These avoid bad practices such as reusing passwords, using weak passwords, sharing them via email or chat or a shared document, writing them down (whether on paper or a file), and continuing to use breached passwords.
answered 6 hours ago
SchwernSchwern
671312
edited 6 hours ago
answered 6 hours ago
SchwernSchwern
671312
answered 6 hours ago
SchwernSchwern
671312
answered 6 hours ago
SchwernSchwern
671312
671312
add a comment |
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
edited 6 hours ago
schroeder♦
78k30173209
answered 6 hours ago
ParisParis
211
New contributor
Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
6 hours ago
But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)
– Paris
5 hours ago
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
edited 6 hours ago
schroeder♦
78k30173209
answered 6 hours ago
ParisParis
211
New contributor
Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
6 hours ago
But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)
– Paris
5 hours ago
add a comment |
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
edited 6 hours ago
schroeder♦
78k30173209
answered 6 hours ago
ParisParis
211
New contributor
Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Your only solution is to select passwords, that are hard to break but easy to remember, then you don't need to write them down anywhere!
But seriously, maybe you can ask your IT support to install a password manager server for your whole company, then you don't need to install one on your machine.
edited 6 hours ago
schroeder♦
78k30173209
answered 6 hours ago
ParisParis
211
New contributor
Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 6 hours ago
schroeder♦
78k30173209
edited 6 hours ago
schroeder♦
78k30173209
edited 6 hours ago
schroeder♦
78k30173209
78k30173209
answered 6 hours ago
ParisParis
211
New contributor
Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 6 hours ago
ParisParis
211
answered 6 hours ago
ParisParis
211
211
New contributor
Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Paris is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
6 hours ago
But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)
– Paris
5 hours ago
add a comment |
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
6 hours ago
But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)
– Paris
5 hours ago
1
1
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
6 hours ago
I think that the hesitation is with using a password manager in general, not the local install.
– schroeder♦
6 hours ago
But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)
– Paris
5 hours ago
But usually the passwords are for something, often for resources on the web. So if you are sending the password through the web, you can also store it on a server that is accessible only internally in your company network, secured by your real password, multiple users can share passwords for some resources, bla bla, <insert advertisment for pwd managment servers here> :-)
– Paris
5 hours ago
add a comment |
The safest place to store a password is nowhere. It should be a secure token that only exists in the memory of the holder. Unfortunately, many use a password that is too simple and insecure, for the purpose of making it easier to remember. In contrast, more secure passwords are more difficult to remember (for most people).
If you cannot rely on your memory, you should definitely use a password manager. Password managers prevent even physical access from compromising your passwords. A little physical password book is only as good as the lock on your door, which is far less secure than a master password for a password manager that's stored only in your memory.
answered 3 hours ago
owacoderowacoder
1011
New contributor
owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
The safest place to store a password is nowhere. It should be a secure token that only exists in the memory of the holder. Unfortunately, many use a password that is too simple and insecure, for the purpose of making it easier to remember. In contrast, more secure passwords are more difficult to remember (for most people).
If you cannot rely on your memory, you should definitely use a password manager. Password managers prevent even physical access from compromising your passwords. A little physical password book is only as good as the lock on your door, which is far less secure than a master password for a password manager that's stored only in your memory.
answered 3 hours ago
owacoderowacoder
1011
New contributor
owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
The safest place to store a password is nowhere. It should be a secure token that only exists in the memory of the holder. Unfortunately, many use a password that is too simple and insecure, for the purpose of making it easier to remember. In contrast, more secure passwords are more difficult to remember (for most people).
If you cannot rely on your memory, you should definitely use a password manager. Password managers prevent even physical access from compromising your passwords. A little physical password book is only as good as the lock on your door, which is far less secure than a master password for a password manager that's stored only in your memory.
answered 3 hours ago
owacoderowacoder
1011
New contributor
owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
The safest place to store a password is nowhere. It should be a secure token that only exists in the memory of the holder. Unfortunately, many use a password that is too simple and insecure, for the purpose of making it easier to remember. In contrast, more secure passwords are more difficult to remember (for most people).
If you cannot rely on your memory, you should definitely use a password manager. Password managers prevent even physical access from compromising your passwords. A little physical password book is only as good as the lock on your door, which is far less secure than a master password for a password manager that's stored only in your memory.
answered 3 hours ago
owacoderowacoder
1011
New contributor
owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 3 hours ago
owacoderowacoder
1011
New contributor
owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 3 hours ago
owacoderowacoder
1011
answered 3 hours ago
owacoderowacoder
1011
1011
New contributor
owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
owacoder is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
answered 8 hours ago
user197001user197001
1
New contributor
user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
6 hours ago
Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.
– ThoriumBR
4 hours ago
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
answered 8 hours ago
user197001user197001
1
New contributor
user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
6 hours ago
Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.
– ThoriumBR
4 hours ago
add a comment |
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
answered 8 hours ago
user197001user197001
1
New contributor
user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
If you do not want a password manager program, print them out and store then in a safe or something secure rather than just a notebook like your co workers use.
answered 8 hours ago
user197001user197001
1
New contributor
user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 8 hours ago
user197001user197001
1
New contributor
user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 8 hours ago
user197001user197001
1
answered 8 hours ago
user197001user197001
1
1
New contributor
user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
user197001 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
6 hours ago
Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.
– ThoriumBR
4 hours ago
add a comment |
1
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
6 hours ago
Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.
– ThoriumBR
4 hours ago
1
1
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
6 hours ago
This is fine as a backup for your super important passwords, like the password to your password manager, but for any day-to-day passwords you need them in a convenient and secure location. A safe will not cut it.
– Schwern
6 hours ago
Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.
– ThoriumBR
4 hours ago
Keeping the VPN password on a safe is not practical. For your bitcoin cold-wallet is fine, but not for everything.
– ThoriumBR
4 hours ago
add a comment |
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Hajar Qh is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Information Security Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206090%2fis-there-a-good-way-to-store-credentials-outside-of-a-password-manager%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
3
Spreadsheets are a terrible choice. Offline password managers like KeePass are going to be your best option. Other than that I don't know what anyone could suggest - it's pretty much that or writing them in a physical book.
– Polynomial
9 hours ago
Maybe ask IT if they have a recommended solution. They may already have some software they allow.
– Daisetsu
9 hours ago
11
What is it about the recommendations/feedback that’s made you hesitant?
– Ry-
8 hours ago
Potential duplicate? security.stackexchange.com/questions/175075/…
– schroeder♦
8 hours ago
Depending on your threat model, pen and paper may not be a bad choice.
– MooseBoys
1 hour ago