password storage options (1 Viewer)

vba_php · Dec 4, 2019

how do you guys do this? I've always stored mine on an external drive in an xls. What I'm considering doing now though, as an alternative to saving passwords in the browser's memory, is to write a script similar to my FAQ here about automating internet explorer with visual basic. This way I don't have to copy and paste the strings from xl to chrome. I haven't let my browsers store my passwords for a while now, but I used to do it all the time. What do the experts say about storing PWs in browsers' memories? I've heard they advise against it.

If I do go with a script to replace my manual method now, it won't be visual basic. Does anyone know if other languages have browser libraries and libraries that allow the languages to interact with spreadsheet objects? My current boss told me he wrote a Python script to try and automate the lookup of PO numbers in an internal database, which led me to believe that Python could do what I want. From everything I've read about Python, it apparently has a very extensive library?

Richard...where are you when I need you!?

The_Doc_Man · Dec 4, 2019

I just use an .XLSX file in which I have a couple of patterns but not the actual password. The patterns don't tell you the actual password but they DO tell you what government standard I used to construct them.

pbaldy · Dec 4, 2019

The IT people at my wife's previous employer (the lucky so-and-so has since retired) recommended a password manager, though I haven't pulled the trigger on that.

On my laptop, which is password protected, I let the browser store them. I also have a file stored in a secure cloud storage.

Galaxiom · Dec 4, 2019

vba_php said:
What do the experts say about storing PWs in browsers' memories? I've heard they advise against it.

You can simply view the saved passwords in browsers. There was a time when you needed a software tool but that is long gone and you just click a link.

vba_php · Dec 4, 2019

The_Doc_Man said:
I just use an .XLSX file in which I have a couple of patterns but not the actual password. The patterns don't tell you the actual password but they DO tell you what government standard I used to construct them.

i don't think I get it Richard. r u doing this so you can keep the actual pw's away from hackers if they ever got a look at your machine's local content?

pbaldy said:
The IT people at my wife's previous employer (the lucky so-and-so has since retired) recommended a password manager

I will never do this. I'm not sure why I first decided against it, but I think according to some expert news I've read, it's not good.

pbaldy said:
On my laptop, which is password protected, I let the browser store them.

according to Galax, these can be seen?

Galaxiom said:
You can simply view the saved passwords in browsers. There was a time when you needed a software tool but that is long gone and you just click a link.

what do you mean by this Galax? r u talking about viewing the pws' literal strings in the settings portion of the browser? I believe chrome lets u do this. what r u talking about when you say "just click a link"?

deletedT · Dec 4, 2019

vba_php said:
how do you guys do this?

LastPass.
Am using it for years even for my credit cards details, Bank Account, Sensitive notes.
Never had a problem.

deletedT · Dec 4, 2019

Galaxiom said:
You can simply view the saved passwords in browsers. There was a time when you needed a software tool but that is long gone and you just click a link.

You must have a master password to be able to view the saved passwords.

deletedT · Dec 4, 2019

vba_php said:
according to Galax, these can be seen

No he is wrong. You need a master password to view saved passwords and a master password is never saved in browser. You must know it.

At least in Chrome, Firefox and Opera. I'm sure Edge is the same though I have never tested it.

If you don't trust Chrome for your passwords, you won't probably find anything else more secure. You better memorize them.

Galaxiom · Dec 4, 2019

vba_php said:
.according to Galax, these can be seen?what do you mean by this Galax? r u talking about viewing the pws' literal strings in the settings portion of the browser? I believe chrome lets u do this. what r u talking about when you say "just click a link"?

Chrome and Firefox you can see the plain text passwords from the browser.

IE and Edge: Control Panel > User Accounts > Credential Manager > Web Credentials.

Choose the credential. There is a "Show" link next to the password.

Galaxiom · Dec 4, 2019

Tera said:
You must have a master password to be able to view the saved passwords.

Nothing about a master password on my Chrome. I can click a link and go straight in.

I wouldn't store any critical password in any browser.

I have programs that extracted the text from encrypted passwords in both IE and Chrome before they made them directly accessible.

deletedT · Dec 4, 2019

Galaxiom said:
Nothing about a master password on my Chrome. I can click a link and go straight in.

Maybe we are talking about different things. What you're describing is how chrome logs in different sites. Not how chrome stores the password. In chrome, click 3 dots button on the top left corner, then settings. Type passward and select passwords menu.
You see something like this:

If you click the eye icon to see the passwords, you have to type a password. Maybe you call it something else. We call it here Master Password.

Galaxiom said:
I have programs that extracted the text from encrypted passwords in both IE and Chrome before they made them directly accessible.

I had those programs too. And none of them works anymore on Chrome. But even if your software still works on chrome and is able to extract the Passwords, a hacker won't be able to install a software and run it locally on your PC by breaking into your router, unless you allow him to control your PC with a remote control program and sit watching him run DOS commands, as Adam did. And that is not Chrome's fault. It's user's.

And that's not breaking into your PC. That's simply you give a third person having full control on your PC.

deletedT · Dec 4, 2019

Galaxiom said:
Chrome and Firefox you can see the plain text passwords from the browser.

How exactly? I'm eager to see how it is possible.
Thanks.

The_Doc_Man · Dec 4, 2019

Adam, you are correct in your guess. If the machine is hacked, you might guess enough to know how many characters of each type (upper, lower, digit, special) I used but you would not know which ones unless you knew my code. And you would not know which of two different series I used.

Galaxiom · Dec 4, 2019

Tera said:
Maybe we are talking about different things. What you're describing is how chrome logs in different sites. Not how chrome stores the password. In chrome, click 3 dots button on the top left corner, then settings. Type passward and select passwords menu.

If you click the eye icon to see the passwords, you have to type a password. Maybe you call it something else. We call it here Master Password.

That is exactly where I am talking about. I doesn't ask me for a password. Maybe there is a setting for a master password somewhere.

I had those programs too. And none of them works anymore on Chrome. But even if your software still works on chrome and is able to extract the Passwords, a hacker won't be able to install a software and run it locally on your PC by breaking into your router,

The password readers I have do not required installing. They are very small executables.

Such things can be easily put into the computer as a drive by download. There have been plenty of security bugs in browsers that provide elevated privileges.

One should never underestimate the extent of threats.

Gasman · Dec 4, 2019

My Chrome specifically asks for my windows password I logged on with when I do that?

Tera said:
Maybe we are talking about different things. What you're describing is how chrome logs in different sites. Not how chrome stores the password. In chrome, click 3 dots button on the top left corner, then settings. Type passward and select passwords menu.
You see something like this:

If you click the eye icon to see the passwords, you have to type a password. Maybe you call it something else. We call it here Master Password.

I had those programs too. And none of them works anymore on Chrome. But even if your software still works on chrome and is able to extract the Passwords, a hacker won't be able to install a software and run it locally on your PC by breaking into your router, unless you allow him to control your PC with a remote control program and sit watching him run DOS commands, as Adam did. And that is not Chrome's fault. It's user's.

And that's not breaking into your PC. That's simply you give a third person having full control on your PC.

deletedT · Dec 4, 2019

Galaxiom said:
That is exactly where I am talking about. I doesn't ask me for a password. Maybe there is a setting for a master password somewhere.

The password readers I have do not required installing. They are very small executables.

Such things can be easily put into the computer as a drive by download. There have been plenty of security bugs in browsers that provide elevated privileges.

One should never underestimate the extent of threats.

thanks for the clarification.

Gasman · Dec 4, 2019

Galaxiom,

Do you log on to your PC with a password?, as my Chrome asked for my windows password.?

Galaxiom said:
That is exactly where I am talking about. I doesn't ask me for a password. Maybe there is a setting for a master password somewhere.
.

Galaxiom · Dec 4, 2019

Gasman said:
Do you log on to your PC with a password?

Not at home.

Gasman · Dec 4, 2019

Galaxiom said:
Not at home.

Well I am just thinking, that if there is no password to log on with, then there is no password to use when viewing the passwords?

Be interested to know the result.

Galaxiom · Dec 4, 2019

Gasman said:
Well I am just thinking, that if there is no password to log on with, then there is no password to use when viewing the passwords?

Be interested to know the result.

What I meant by "not at home" is that I don't have a login password on my computer at home. I believe your inference linking the two is correct.

password storage options (1 Viewer)

Forum Troll

Immoderate Moderator

Wino Moderator

Super Moderator

Forum Troll

Guest

Guest

Guest

Super Moderator

Super Moderator

Guest

Attachments

Guest

Immoderate Moderator

Super Moderator

Enthusiastic Amateur

Guest

Enthusiastic Amateur

Super Moderator

Enthusiastic Amateur

Super Moderator

Similar threads

Users who are viewing this thread