Comments on: Should I use RoboForm?

By: Cd-MaN

Cd-MaN — Tue, 06 Sep 2011 14:13:16 +0000

@Anonymous – presumably the malware can copy your encrypted database (since it is already running on your computer) and decrypt it with the captured master password.

By: Anonymous

Anonymous — Sat, 01 Jan 2011 15:23:58 +0000

" (...) but it will see your master password (!!!). "

AND THEN ? What do you do with my master password ? I don't understand your whole post...

By: Pekanbaru Riau

Pekanbaru Riau — Tue, 26 Jan 2010 05:58:56 +0000

i don't trust programs to know when a password should or shouldn't be entered. i prefer to make that determination myself (though i'll still use a password manager to store and even enter passwords in an on-demand fashion). there are plenty of examples of sites that allow user-generated content that have been used for phishing attacks on those same sites (ie. think of a myspace profile page that looks like a myspace login page but isn't).

By: kurt wismer

kurt wismer — Tue, 26 Jan 2010 05:58:51 +0000

@marco ramilli:
honestly, password formulas seem like too much work to me. i think most people would be happier with something that stored and entered their 200+ different passwords for them than having to solve a puzzle (the formula) each time they wanted to log in somewhere.

and if trust is an issue, i'm pretty sure password safe is open source so you can examine the code and compile it yourself.

By: Marco Ramilli

Marco Ramilli — Mon, 25 Jan 2010 18:32:23 +0000

Personally I don't like password managers, especially if written by others :D. I don't trust... Why use a password managers when exist mnemonic password formulas ?
Here some links:
Link1,
Link2,
Link3 .

By: kurt wismer

kurt wismer — Mon, 25 Jan 2010 17:18:15 +0000

personally, i don't like my password manager to react in any way, shape, or form to web content (including the url).

i don't trust programs to know when a password should or shouldn't be entered. i prefer to make that determination myself (though i'll still use a password manager to store and even enter passwords in an on-demand fashion). there are plenty of examples of sites that allow user-generated content that have been used for phishing attacks on those same sites (ie. think of a myspace profile page that looks like a myspace login page but isn't).

if you want to be sure you're on the right page when you enter your password, there's a really easy way to get that - it's called a bookmark.