I changed to Hubic and I am happy, Created account, run referral links and I’m at 55GB as I speak. You can sign up to get extra space beyond the space offered on their website https://hubic.com/nl/offers?referral=CYHNPO
OK, 55GB that’s way more than most of storage services offer. Plus - here is the deal - Hubic offers true folder syncing (not like Dropbox or Onedrive, just one folder), plus they offer backup option only. The mobile device apps are pretty good. One thing I like about Hubic is it give expiry dates on shared links.
SugarSync doesn’t provide free space. Cubby has limited storage and you have to do a lot of work to get some space. Copy is not interesting anymore since they cut the referral program. Dropbox sucks because you have to do 30 referrals to get just a few Gig space. I find HubiC is pretty good and it now pretty fast, I am averaging 2-3 GB upload per hour which is pretty decent. Here is a sign up link to get you extra 5GB in addition to 25GB plus you can get 25 GB additional space for a total of 55GB of space easily on HubiC: https://hubic.com/nl/offers?referral=CYHNPO .....
Just sign up with this link and you get the bonus space instead of the regular 25GB if you go directly through Hubic website. And you can have peace of mind HubiC is owned by OVH, they are pretty big internet hosting company, hosting is in Europe.
Right now they have 500,000 accounts, which is pretty impressive for a service that just started a couple of months ago.
If you decide to subscribe to their service, it’s starts at 80 cents per month, pretty good price, so no need to prepay chunk of money and you can cancel anytime.
Password managers are flawed by design. A master password grants access to all other passwords and creates a single point of failure. I also advise using separate email addresses to avoid having an additional single point of failure.
Have one email primarily for social interaction and create new emails when creating new accounts on new websites with new passwords.
I'll stick with using my own head. Even if that means I'm sending a password recovery request at least once a month from forgetting my passwords and then playing "Guess the Email that was just sent to" for the next 15 minutes.
Chances are if I forget my login, the site wasn't very important to me anyway and it's one less place I'll visit.
You're worried about the password for a website, so you create a new email account to handle its password recoveries. Now you have 2 passwords to worry about.
In cryptography, a single point of failure is what you want, because you can concentrate entropy at that point. Take 5 of the best passwords you can remember; concatenate them and use that as your master password. A 40+ character password from the full set of symbols will not be guessed anytime soon, even for astronomical values of "soon."
This is a net win because with a password manager, ALL your passwords can be 40+ characters if you want; you only have to remember one of those. Plus you can reduce the chance of needing to use email reset (which is itself incredibly insecure) to near zero.
A single point of failure means if they gain access to one account they have access to ALL of your accounts. For example, if someone breaks into your email and you use that email for all of your accounts (banking, amazon, facebook, etc.) they can use email recovery to gain access to ALL of your accounts.
If someone gains access to one of my accounts, every single other account is still secure because it uses an entirely different email & password that has no relation to any other email or password.
> If someone gains access to one of my accounts, every single other account is still secure
All of your accounts are insecure from the start because a) you use passwords easy enough for you to remember, and b) you rely on email reset, which travels the public Internet in plain text.
Try checking your RCPT header next time. Create a throwaway Yahoo account and change the password. You'll find it's sent with 128 bit encryption over TLS. If using a Gmail account to recover, Gmail defaults to HTTPS. You'll find you're secure every step of the way. To call email insecure is to be rather outdated with advances in the past 4-5 years.
Furthermore, nice assumption under 'a'. Mnemonics are a powerful learning device for memorization, I advise you look into them. The human memory is a powerful thing and committing several randomly generated password consisting of 20-50 characters it not "impossible".
I do not remember my passwords. I remember mnemonics which help me remember my passwords. It's not entirely foolproof but it is far more secure than a single-failure-point system.
Your password reset email might or might not travel over SMTPS. As an end user you have no way of knowing in advance or forcing its use, so it's not very trustworthy.
I have no doubt you can memorize several very strong passwords, but there is a limit to how much randomness anyone can memorize. I've got over 100 passwords in my manager, counting both personal and professional accounts I need to keep track of.
12 comments
[ 3.2 ms ] story [ 33.0 ms ] threadOK, 55GB that’s way more than most of storage services offer. Plus - here is the deal - Hubic offers true folder syncing (not like Dropbox or Onedrive, just one folder), plus they offer backup option only. The mobile device apps are pretty good. One thing I like about Hubic is it give expiry dates on shared links.
SugarSync doesn’t provide free space. Cubby has limited storage and you have to do a lot of work to get some space. Copy is not interesting anymore since they cut the referral program. Dropbox sucks because you have to do 30 referrals to get just a few Gig space. I find HubiC is pretty good and it now pretty fast, I am averaging 2-3 GB upload per hour which is pretty decent. Here is a sign up link to get you extra 5GB in addition to 25GB plus you can get 25 GB additional space for a total of 55GB of space easily on HubiC: https://hubic.com/nl/offers?referral=CYHNPO .....
Just sign up with this link and you get the bonus space instead of the regular 25GB if you go directly through Hubic website. And you can have peace of mind HubiC is owned by OVH, they are pretty big internet hosting company, hosting is in Europe.
Right now they have 500,000 accounts, which is pretty impressive for a service that just started a couple of months ago.
If you decide to subscribe to their service, it’s starts at 80 cents per month, pretty good price, so no need to prepay chunk of money and you can cancel anytime.
Here is the link again: https://hubic.com/nl/offers?referral=CYHNPO
Cheers.
Have one email primarily for social interaction and create new emails when creating new accounts on new websites with new passwords.
I'll stick with using my own head. Even if that means I'm sending a password recovery request at least once a month from forgetting my passwords and then playing "Guess the Email that was just sent to" for the next 15 minutes.
Chances are if I forget my login, the site wasn't very important to me anyway and it's one less place I'll visit.
In cryptography, a single point of failure is what you want, because you can concentrate entropy at that point. Take 5 of the best passwords you can remember; concatenate them and use that as your master password. A 40+ character password from the full set of symbols will not be guessed anytime soon, even for astronomical values of "soon."
This is a net win because with a password manager, ALL your passwords can be 40+ characters if you want; you only have to remember one of those. Plus you can reduce the chance of needing to use email reset (which is itself incredibly insecure) to near zero.
If someone gains access to one of my accounts, every single other account is still secure because it uses an entirely different email & password that has no relation to any other email or password.
All of your accounts are insecure from the start because a) you use passwords easy enough for you to remember, and b) you rely on email reset, which travels the public Internet in plain text.
Furthermore, nice assumption under 'a'. Mnemonics are a powerful learning device for memorization, I advise you look into them. The human memory is a powerful thing and committing several randomly generated password consisting of 20-50 characters it not "impossible".
https://en.wikipedia.org/wiki/Grand_Master_of_Memory
I do not remember my passwords. I remember mnemonics which help me remember my passwords. It's not entirely foolproof but it is far more secure than a single-failure-point system.
I have no doubt you can memorize several very strong passwords, but there is a limit to how much randomness anyone can memorize. I've got over 100 passwords in my manager, counting both personal and professional accounts I need to keep track of.