|
Crankit posted:Did anyone mention the importance of keeping software up to date? I assume that's fairly important, heck I'd guess out of date software is in top 5 reasons systems get compromised? I got fed up with Secunia PSI, since it kept going unresponsive or being unable to update things. Someone recommended PatchMyPC, and it's worked really well so far (about a month).
|
# ¿ Aug 11, 2015 14:34 |
|
|
# ¿ May 2, 2024 09:46 |
|
Last I'd heard, at least one of the major browsers stored saved passwords as plain text.
|
# ¿ Sep 16, 2015 19:49 |
|
hackbunny posted:So, anyone? It's not strictly a security tool, but it keeps all software up to date and it requires almost zero maintenance or human intervention. I was wondering if anyone else used it and if it's secretly terrible I don't know about security, but I stopped using it because it was slow as hell (i.e. tens of minutes to update a handful of programs). I've been using PatchMyPC instead and have been much happier with it.
|
# ¿ Nov 12, 2015 13:11 |
|
You can get an enclosure and slap your old drive in it.
|
# ¿ Nov 18, 2015 23:03 |
|
Is there a way to use two-factor authentication to open a KeePass database (preferably with Google Authenticator) that doesn't require entering 3 keys? That seems pretty prohibitive since it will take you 60-90 seconds to open your database. I know it's not a long time, but I'm sure it would drive me crazy before long.
|
# ¿ Feb 25, 2016 20:25 |
|
How would I use either the keyfile or the Yubikey on my phone?
|
# ¿ Feb 25, 2016 20:40 |
|
Out of curiosity, what did you find didn't work about the new UI? Granted, I only used the password feature so I didn't interact with LastPass much, but it seemed innocuous enough to me.
|
# ¿ Feb 26, 2016 17:48 |
|
Is this KeePass vulnerability the same one that was mentioned earlier in the thread? http://www.engadget.com/2016/06/04/keepass-wont-fix-security-hole-due-to-ads/
|
# ¿ Jun 5, 2016 11:53 |
|
I have my database and the executable in Dropbox and my key file elsewhere. I don't know how you could have managed to delete your database without realizing it, unless perhaps you didn't actually save it? As for the password requirements, you can get very specific with the generator in terms of length ad what it includes: upper-case, lower-case, digits, minus, underline, space, special, brackets, and even whatever "High ANSI characters" are. You can also save various generator profiles so you can have one for like "short dumb password", one for "20 character everything", and so on.
|
# ¿ Jul 12, 2016 18:47 |
|
galahan posted:This one may only be casually related to security, but http://www.geekuninstaller.com/ makes sure things cleanly uninstall, it might catch some crap ware and prevent winrot Does this do anything different/better than Revo Uninstaller? That's what I've been using for a while and it seems to work pretty well. Checks the registry and installation folder(s) for stuff left over by the program's native installer.
|
# ¿ Aug 29, 2016 02:51 |
|
OSI bean dip posted:If someone wants to write a sane guide to setting up a Raspberry Pi to allow for remote access, please do. I'm interested in doing this with my Pi. Could you elaborate on why guides that are out there aren't sane?
|
# ¿ Feb 4, 2017 02:52 |
|
If this isn't the right thread, apologies and please let me know where to ask this instead. Since Congress decided to gently caress over every single American Internet user today, I want to get a VPN. What's the best way to do that? I feel like I've read about putting OpenVPN on a router, but that seems counterintuitive to me - how can a VPN be on the same side of the modem as me? Besides, I'm sure my current one won't support that anyway. The other option I'm aware of would be paying for a service, but I have no idea which companies are reputable, nor how to choose among them even if I did know that. Please help, goons!
|
# ¿ Mar 29, 2017 03:37 |
|
OSI bean dip posted:You're better off just using a VPS. So you'd rent a VPS and then what, install OpenVPN on it? That sounds pretty doable.
|
# ¿ Mar 29, 2017 20:15 |
|
What's the best KeePass 2 program for Linux? I'm currently using KeePass2 on Ubuntu, but it takes a lot longer to decrypt the key than on Windows.
|
# ¿ Dec 30, 2017 03:28 |
|
Speaking of KeePass et al., I switched the storage from Google Drive to Dropbox a whole back since in either this thread or one of the Android threads people said it worked better with Keepass2Android, the app I've been using. However, it still doesn't sync from my phone. What other combinations should I try? I just downloaded KeePassDroid, but it can't pull from Dropbox at all.
|
# ¿ Sep 1, 2018 14:07 |
|
I did, and I agree that it's way more user-friendly.
|
# ¿ Jan 29, 2020 02:26 |
|
Subjunctive posted:There’s also Bitwarden, which does multi-device TOTP and client-side encryption. Wait, Bitwarden can generate TOTP tokens? That's great! Seems accessing a particular TOTP token might be somewhat less convenient than a dedicated app like Authy or Google Authenticator. I'll try it out for sure, though. Thanks for the heads-up.
|
# ¿ Jun 14, 2020 03:14 |
|
Bitwarden checks most of those boxes, except the VPN (which is really unrelated to a password manager) and password leak detection bit. For the latter, you can sign up for haveibeenpwned for email notifications.
|
# ¿ Feb 23, 2021 04:15 |
|
Oysters Autobio posted:So Bitwarden wouldn't work in terms of accessing the same set of passwords on my phone and my PC? Is there any way to have personal vaults but still be able to access them across devices? Bitwarden indeed can do that, just like any popular password manager. I may not understand exactly what you mean by "personal vaults", though.
|
# ¿ Nov 6, 2022 19:44 |
|
Lately my UniFi Network's security log has been picking up inbound requests pointing at my NAS. They've come from several foreign countries (I'm in the US). Some signatures are - ET EXPLOIT HackingTrio UA (Hello, World) - ET EXPLOIT D-Link DSL-2750B - OS Command Injection - ET EXPLOIT MVPower DVR Shell UCE Are these just random drive-bys that I don't need to be worried about? How do I tell if I should be worried? Why am I only seeing these things targeting my NAS?
|
# ¿ Apr 22, 2024 17:37 |
|
|
# ¿ May 2, 2024 09:46 |
|
It's a Synology. I'd have to remember what to check to see if it's set up to be internet accessible. If it is I probably did that so I could access Jellyfin content from outside our network.
|
# ¿ Apr 22, 2024 19:43 |