Here's the END of Weak Passwords - Comments Page 1

For some sites LastPass has an autochange feature where it will "go" to the site, update you password with a secure one and update in your password store.

On Android 7 LastPass can autofill in some apps and websites if you let it.

Thanks for a great article, Bob.

Why would anyone in his right mind entrust ALL his passwords to an entity that “generously” provides a password manager app?

How can one be sure that the precious information would not be stolen, sold or abused?

Re: Unitary's comment. I totally agree with you, and that's why I have an Excel spreadsheet (password protected, of course) that contains all my account logins and their associated passwords. I would never trust one of those password managers. What if they went out of business and closed up shop?

Bob ... What about RoboForm???????????? This is the Password Manager that you have used for years! I finally got my subscription to RoboForm Everything for several years, since I know that you highly recommended the program.

I did use LastPass, both the Free and Paid Subscription versions. I became dissatisfied with LastPass, it was becoming more complicated than I wanted. So, I tried RoboForm, the Free version at first. I liked it, I like it a lot and made the decision to purchase the RoboForm Everywhere Subscription for 3 full years, due to a great price ... Much better than what LastPass was offering.

So, I have noticed that you have not mentioned RoboForm in the last couple of articles and I am wondering why?

Another major gripe of mine ... My financial institute will only allow letters both small or capitalized and numbers. You can NOT use any special symbols or web dings or etc,! This is so frustrating since those special symbols or web dings or whatever helps make for good solid passwords!

Another thing on my mind ... With ALL of these changes to the Browsers and they are supposedly trying to "protect me" ... Yeah right, and I have some swamp land to sell to you, as well!!! Bottom line ... I can NOT get any pages to open without my browser telling me they are NOT SECURE!!! What is going on with that B/S???????????????????????????

Yes, Bob, I am mad and mad as HE!! ... I can't get to ANY Webpage without this warning. It is going beyond stupid, in my book. Bob ... YOUR own website is considered NOT SECURE ... Even with the https: ?!

It seems as though NO ONE has upgraded or updated their Certificates!!!

Bob, I am NOT mad at you ... I am just totally frustrated at this point in time, trying to get to web pages without a hassle.

MmeMoxie -

Suggest you check the time and date on your PC to make sure it is all set correctly. An out-of-sync time/date setting will generate this kind of warning wherever you go on the web.

Regarding comments about storing your login information on a password manager's server (read honeypot), here's something to consider.

Take a look at Enpass. This password manager saves your data, encrypted, on your computer. If you choose, you can use your own account on one of several cloud services to sync an encrypted copy of your data for use by your other devices. You are in complete control of where your data is stored.

You can also do, as I do, and use your backup device (NAS) to sync the data with your other devices.

It supports autofill/submit, storing other data that you want to keep secure, statistics on age/strength of passwords, and strong password generation, with the ability to set the rules used so you can insure that the password will pass the idiotic rules set by online services. This list of features is not complete, just items I feel are most important.

I use it with FireFox and Chrome, but I'm sure that it supports other browsers, as well.

Best of all it is FREE for desktop/laptop computers (Windows/Mac/Linux) and a small ONE-TIME FEE (no annual subscription) for phones.

On the couple of times that I've required their tech support, over the years, it has been excellent.

So you know: I am not affiliated with Enpass, in any way, other than being a very satisfied user of their password manager.

I just ordered a Google Titan key fob. It's like unlocking your car. You hit a button and it opens.

@Dan --- Thank you for the suggesting & taking the time to tell me. I did check my time and date on my PC and everything is correct. I also have Bitdefender Total Security 2019, the newest version. In all honesty, I have been having problems with getting on all of the websites, since I was upgraded. I purchased a 3-year subscription to Bitdefender Total Security for 5 devices, due to the excellent price.

I also had been using Bitdefender the Free version for a while to see if I liked it & I did. I tried uninstalling Bitdefender to see if that was the issue ... It didn't matter, I still had the same problem. I also tried different browsers & they did the same thing.

Now wait a minute, I think I still was using Bitdefender when I tried the other browsers, so Bitdefender may be my problem. Oh, I do hate to think that, but I must resolve this issue.

Again, thank you, Dan, for responding & for your suggestion. It wasn't the problem, but it got me to think about what truly may be my problem.

I tried RoboForm, didn't like it. I like Dashlane a lot, but lately it is somewhat wonky on my Win 10 PC, not always offering to fill in passwords, etc. It is possible it is Chrome that is wonky.

I guess I'll start using Safari more on my iPhone. It is a bit of a hassle to log in on Chrome (my preferred browser), necessitating cut and paste.

We've been using RoboForm and RoboForm Everywhere for years with few or no issues. Everywhere requires a master password for access either on PC or mobile device.

Mike’s post about Enpass actually provided an excellent corroboration of my previous post about the perils of entrusting ALL your passwords to some entity.

Mike wrote that Enpass was an excellent tool and, “Best of all it is FREE for desktop/laptop computers“. Moreover, Mike also got excellent technical support.

If the Enpass app was created by a business, rather than by some charity, and this business generously provides its app and technical support free of charge then obviously this business makes a profit by selling something else.

That “something”, which is the REAL product sold by that business, might be the very sensitive data of the users.

Note: I do not know the people that provide Enpass and I definitely do not accuse them of any wrongdoing. I just point out the huge risk of entrusting your passwords to some business entity.

WOW ... I can't believe it!!! Bitdefender is my problem!!!

I am not using anything, at the moment. I was able to access Bob's web page without all of the damnable "Not Secure" B/S!!!

I apologize for my language, but I have been fighting all of this for one month! Needless to say ... I am very irritated. Just to find out that Bitdefender Total Security has been my problem all along. I had not had any issues up until Bitdefender was upgraded to Bitdefender Total Security 2019. I am wondering if, there is a "bug" or just what in the devil is going on???

If, it is Bitdefender ... My money has been wasted. I can't even go to https: websites without Bitdefender telling me that the site is UN-SAFE ... CERTIFICATE INVALID.

I say ... IF ... There really are new guidelines for AntiVirus/Malware programs ... Why haven't all of the Websites know about it??? Just asking ...

I OBJECT!
#1 I do NOT WANT my PHONE password protected or otherwise LOCKED so that in an emergency ANYONE picking it up cannot use it!! I do not use my phone as a computer, I use it as a PHONE!
Yes, someone could get my contact information . . . Oh, and by the way they could find my emergency contact information when I have had a stroke and am lying in the middle of the street!!!
I think we need a way to SEPARATE communication from "computer applications" if they are both going to reside on a PHONE.

#2 I will be darned if I will trust my passwords to an online service that can be (and has been) hacked! I have an encrypted file for passwords on my computer and on my phone that is password protected. I have used this system for going on 20 years now and find it much safer than a password manager that has been hacked! (Secret! by linkesoft)

#3 I particularly do not want a face ID, fingerprint scan etc to unlock my phone or computer. I am over 70 years old and I do not want my family locked out of these devices when I DIE!!! Like most people today, ALL of my financial records are on my computer! All my family needs to have is the password to my encrypted file and they can access any information they need. Can you imagine having to hold up my dead body in front of the computer to access that information to settle my estate!!!

@Ken Heikkila ... Just to let you know that RoboForm has the same problem. There are several websites passwords that RoboForm or LastPass were not able to "fill-in" and it was very frustrating for me, as well.

My financial institution will not allow any password manager to "fill-in" for you ... You must do it yourself. Somehow, they are tracking keyboard logging, so see if a person is actually signing in. For my protection on that ... I use KeyScrambler and my key logging is scrambled to other eyes.

I've been using Blur by Abine for three years, it integrates across all my devices and browsers, Windows, Apple and Mac. Safari tried to disable it when I updated to 12 but it was easy enough to override that. I've had no problems with it, it can be customized at any website that has special requirements (and some do), it's flexible and useful. I've compared it to others as renewal was coming up and it has everything the "name" ones do.

I'd never use a cloud based password manager and certainly not one Google puts out. I don't even use Chrome but less than 1% of the time, just because they're so dang arrogant in deciding for me what my browser should look like. I customize and anything that doesn't let me do that the way I want, let alone tracks me everywhere I go is not my friend. Evil Empire and all that.

Medical sites of all types are the worst. Eight characters max and no symbols. Many assign a trivial, easily guessed password and DON’T LET YOU CHANGE IT!

I’m 78 years old so I’ve had plenty of experience with medical potrals, etc.

I have been using LastPass for a few years for some of my passwords (not the critical i.e. banking ones). What I do not like about it is that I have to type in the password for LastPass every time I need it to get my password. (I suspect this is a recent change). Surely if some hacker managed to put a keyboard monitor on my computer that escapes detection of my antivirus software, then all is lost?

@MmeMoxie - Good job working out the real problem. The time /date mismatch came to mind because we intermittently see it at my work (smallish school system with 500 computers). A student computer that hasn't been pulled out of the storage cart for a while will sometimes lose track of time - especially if the CMOS battery is beginning to grow weak.

A quick check of forums turned up plenty of financial practice / ethical complaints about BitDefender, but no specific operating problems as you reported. It is possible that BD and some other AV product will run well separately but will not play together nicely.

The school runs only the educational version of Avast; the only infection in three years that wasn't caught at the source came from an infected flash drive brought in by a clueless teacher.

FWIW, I run only the paid version of AntiMalware Bytes on my personal main and financial computers and let AVG Free take care of the subsidiary/ refurbished computers I handle and repair. AVG nags a LOT but seems to do an acceptable job.

I noticed you didn't mention Keepass. Do you have an issue with it?