Setting Up a Password Manager
Most people now realize how important passwords are, yet most humans cannot memorize unique passwords of more than 16 characters that each include at least one digit, upper- and lower-case letters, and a special character. Password managers appear to be the solution.
A password manager generates these passwords for you, and all you have to do is memorize one strong password. You can use the app to retrieve the passwords you need to log in to Gmail, Facebook, etc. It makes your account passwords extremely hard to guess and is a strong defense against phishing, malware, and password cracking.
I am dumb dumb, no need to memorize many strong passwords, only one.
Popular Password Managers:
The password managers below all work the same:
- Hash your master password
- Sync functionality with encrypted database
- Use AES 256 encrypted database

LastPass: https://lastpass.com
Benefits:
- Browser integration
- Automatic password changes/logins
- Country restriction
Disadvantages:
- More likely to be compromised with browser plugin
- Need to host it on cloud (Dropbox/Google Drive)
- Costs money ($1/month)
- Was compromised: https://blog.lastpass.com/2015/06/lastpass-security-notice.html/

Passwordstate: https://www.clickstudios.com.au/
Benefits:
- Free for up to 5 users
Disadvantages:
- Consistently updated (monthly builds)
- Enterprise directed

KeePass:
Benefits:
- Open source
- Complete control
- Customizable
- Stored locally
Disadvantages:
- Relatively ugly UI (fixed by https://github.com/keeweb/keeweb)
- More tinkering

Dashlane: https://www.dashlane.com/
Benefits:
- Clean UI
- Integration with common apps
- Mobile friendly
Disadvantages:
- Costs money for important features (secure account backup, 2-factor authentication (U2F))
This wiki explores the different types of password managers. Most of it boils down to convenience vs security.
I am using KeePass for the reasons above. I value control and I do not like to sync my passwords.

KEEPASS
To start off, create a master password in your head. Spend a few days memorizing it before you start changing anything. It should be pretty long; a good estimate is that it should contain 25+ characters. DO NOT use a password you have used in the past. You can add numbers and other special characters to the password; that is up to you. Above all else, it should be memorable.
But, as this answer states: https://security.stackexchange.com/a/29865/148369
Strong property has inverse relation with memorable.
Example: accuracycrummiest 334 denatured waltz Salami 10
The example above is 43 characters long, and contains alphanumeric characters. Disclaimer: DO NOT use this, and no, this is not my password.
I used this site to help with word choice: https://www.eff.org/files/2016/07/18/eff_large_wordlist.txt
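As an added example (not part of the original post), the Python sketch below goes a step beyond picking words by hand: it parses a list in the EFF wordlist format, draws words uniformly at random with the OS CSPRNG, and computes the entropy of the result. The embedded word sample is constructed for illustration and the function names are hypothetical.

```python
import math
import secrets

# Constructed sample in the layout of eff_large_wordlist.txt:
# "<five dice digits><TAB><word>". The full list has 6**5 = 7776 entries.
SAMPLE_WORDLIST = """\
11111\tabacus
11112\tabdomen
11113\tabdominal
11114\tabide
11115\tabiding
11116\tability
11121\tablaze
11122\table
"""

def parse_wordlist(text):
    """Return the words from diceware-formatted text, rejecting malformed lines."""
    words = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        roll, sep, word = line.partition("\t")
        bad_roll = len(roll) != 5 or set(roll) - set("123456")
        # Some list entries are hyphenated, so allow "-" inside a word.
        if not sep or bad_roll or not word.replace("-", "").isalpha():
            raise ValueError(f"line {lineno}: expected '<dice roll><TAB><word>'")
        words.append(word)
    if len(set(words)) != len(words):
        raise ValueError("duplicate words lower the real entropy")
    return words

def entropy_bits(list_size, n_words):
    """Entropy of n_words independent uniform draws from list_size words."""
    return n_words * math.log2(list_size)

def words_needed(list_size, target_bits):
    """Smallest word count that reaches target_bits of entropy."""
    return math.ceil(target_bits / math.log2(list_size))

def generate_passphrase(words, n_words=6, sep=" "):
    # secrets draws from the OS CSPRNG; random.choice is predictable.
    return sep.join(secrets.choice(words) for _ in range(n_words))

if __name__ == "__main__":
    # To use the real list: parse_wordlist(open("eff_large_wordlist.txt").read())
    words = parse_wordlist(SAMPLE_WORDLIST)
    print(generate_passphrase(words))
    print(f"6 words from 7776: {entropy_bits(7776, 6):.1f} bits")
```

The entropy figure only holds when every word is chosen at random; words picked by hand from the list are easier to guess than the arithmetic suggests.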
I have downloaded the KeeWeb application (I personally find the UI nicer).
[robert@localhost Downloads]$ unzip KeeWeb-1.5.4.linux.x64.zip -d /home/<username>/Password-manager
[robert@localhost Downloads]$ cd /home/<username>/Password-manager
[robert@localhost Password-manager]$ ./KeeWeb
[robert@localhost Password-manager]$ sudo dnf install keepass
Now it is just easy UI work from here.
After typing in the fields and hitting save, you can add passwords within your file.
This file is portable! You can send it to yourself through email, or keep a local copy on your phone. That will be saved for part 2.