It just isn't viable to have unique passwords on all the different sites that require some sort of login, even with password tools. What if you have something you have to check on a computer where you can't use the tool, maybe not a internet café, but rather at a friends house. Or what if the database is somehow compromised? I don't just use one password everywhere, but I have a few different ones I can remember, some more random than others. If you combine this with different emails used to register, it's difficult to use the info if it's leaked on another site. Until we get a real universal "internet identity", this is the only way I can imagine walking around the internet.
I'm at a friend's house and need to type my password into their computer? Never going to happen: they're likely not very good at securing their computer, and there's not a chance I'm going to risk compromising my password because I can't wait until I get home.
Besides: I have a smartphone with Chrome, I can use that.
If you use a 100% portable tool like passwordcard, then you can use it on any computer.
Though someone may be able to get one password by keylogging, the remainder of your passwords are safe. Your own database can only be compromised by your own action.
What's wrong with the low-tech solution of keeping passwords on a piece of paper in your wallet. People are quite good in securing small physical objects, like keys, pieces of paper, etc.
10 comments
[ 3.4 ms ] story [ 34.6 ms ] threadI'm at a friend's house and need to type my password into their computer? Never going to happen: they're likely not very good at securing their computer, and there's not a chance I'm going to risk compromising my password because I can't wait until I get home.
Besides: I have a smartphone with Chrome, I can use that.
I need all of my passwords with me? LastPass.
Though someone may be able to get one password by keylogging, the remainder of your passwords are safe. Your own database can only be compromised by your own action.
You pull out your smart phone with the synced keychain and manually type the password into the PC.
I make minimal use (essentially none) of third-party computers outside my own laptop, personal desktop, work desktop, and phone.
I have key passwords on my phone (encrypted, KeePass).
I have a more comprehensive list on my laptop (and stashed in a few other places), GPG encrypted, dittos work system.
Works for me.