Newbie question re: How am I protected if . . .
I have never used a password manager and have a folder with four pages of logins and passwords; its time.
I am setting up a trial version of 1P for Mac. I have it running on iMac with several logins and syncing to iPad mini; the learning curve is steep at this point (especially on iOS version) but all seems to be working well. I believe my question boarders on Philosophy, as much as anything else.
Bearing in mind that I do not know how this system works -
The situation : a vault containing several logins; each login is associated with a password generated by 1P with a STRONG recipe.
My question: if the Master Password is compromised (mine is a sentence of 25 words, several punctuation marks and Capitalizations) would not the hacker be able to lift those items to their own version of 1P ( OR, actually having my computer in hand ) and login to my Bank as I do ?
It seems to me that within the vault, the password is not material to the security of the login (assuming content and length requirements are met).
Obviously, having all my logins and passwords and other stuff within a single, strongly locked vault is preferential to all the logins and passwords just floating around, ripe for the picking, but still. . . .
Thanks for your time,
Roger
Comments
-
The keys are strong encryption and a strong master password. They make it essentially impossible for someone without your master password to ever break in to your data in the first place.
When I was starting with 1Password and musing about security, I found this blog post, Toward Better Master Passwords, to be very enlightening.
0 -
I read those articles; VERY interesting. Learned a lot.
Thanks for the reply - just the information i needed. Took a PDF of the Diceware word list to fool around with.
Interesting to me that the MP i have is not as strong for various reasons as a 4 Diceword sentence.
Thanks,
Roger0 -
I gather that the current recommendation for Diceware is six words. It was upgraded from five fairly recently.
0 -
Hi @lasllcap,
I'm glad that article was helpful for you! It sounds like you already have a pretty strong master password, but that blog post should be helpful if you want to make an even stronger one.
It's great that you're thinking about the security of your data and asking questions. If you're interested, you can find a lot more information in our Security Knowledgebase. If you have more questions, please let us know - we're always glad to help! :)
0
