I have a Dropbox account anyway, and store everything on it (even my download and temp folders).
That means that I can pick up any device, from iPhone to desktop, and know that everything is on it. It has the advantage over iCloud, OneDrive etc that it is OS agnostic.
That means that 1Password 4 works extremely well for me, but if you don’t have Dropbox, I guess you need another solution.
In that case, your biggest security risk are the files on your dropbox storage, because while they are encrypted in transit and at rest, the keys are managed by Dropbox and if that gets hacked, an attacker can read all your files.
The passwords would be safe, as the file you store on Dropbox is encrypted using a key that is not on dropbox.
Qalupalik wrote:
Aren’t passwords obsolescent with the emergence of companies like Trusona?
Unfortunately not. The main issue is adoption, and resistance by a large (but decreasing) number of idiots “experts” in coroporate I security, who come up with stupid password policies which are impossible to do without writing anything down.
You only need to see what happens if you try the “next best thing” in the current world, with “two-factor authentication” using second one-time-password. I have at least four different 2FA apps, and SMS, to do this, because nobody can agree a standard (fortunately, Google Authenticator seems to be supported by many).
And while in the “retail” world single identity with Google ID and Facebook seems to be more and more common, so you could call them an emerging standard, you have to be quite careful whether you want everything you do linked to an ID managed by companies which make money from selling your data, and/or using it to direct advertising at you.
In the professional world, I see more and more Azure ID / Office 365 usage; although Salesforce ID is used by others.
Peter wrote:
any programmers use Truecrypt or Veracrypt and this creates a highly secure encrypted partition on your HD
I wish Microsoft made Bitlocker part of the standard Windows version, and turn it on as a standard (and Apple would do the same with FileVault 2).
It would overnight remove the risk of data being ripped from a stolen computer from the majority of Windows computer users, at least for those who use a halfway decent Windows password.
Re dropbox, if you sign out and sign back in (e.g. to check a password change) they kick you out permanently if you have > 3 devices registered, on the free account. A really aggressive move.
Maybe the days of everything on the internet being free are over?
That’s a funny comment considering where you are writing it 
A really aggressive and sneaky move no matter how one looks at it.
Oh, all right then, under that heavy sales pressure, I’ve bunged you a few bob 
WOW thanks
No pressure intended
However I am looking at alternatives, because if somebody screws you in this way, they might do something worse. There is stuff like Owncloud. Google Drive also works, though with poor integration into Windows. I did discover one interesting thing though with dropbox: the 3 device limit doesn’t apply to “apps” and a Synology network drive (which has a dropbox client, out of the box) is treated as an “app” even though it is a physical device. This allows you to have one of these network drives on a LAN and have loads of PCs etc having dropbox access.
Has anyone tried Kaspersky password manager?
They appear to store the stuff locally on each client, so there must be a periodic sync taking place, and this must be coordinated via their server.
There doesn’t appear to be a backup option i.e. no explicit access to a file containing the credentials, which you could decrypt if needed. But few if any of the various password manager apps offer that – as well as having windows and mobile device compatibility.
