I started to look for a password manager because trying to remember all the unique passwords for all web services is doing my head in. At the moment I keep my passwords in a small notebook but I don’t always carry it with me and there is a risk that it may end up in the wrong hands or get damaged.
So I found this Masterpassword program that doesn’t actually store passwords. It generates them on demand by using a combination of your name, your master password and the website you want to log in to.
That sounds pretty cool since you have to remember only your name and the master key/pass. Plus there is no database to be broken into.
However when i downloaded the program for windows and launched it. I tried to create a new User but when i press OK, nothing happens. It doesn’t create anything. Also you need Java framework for it to install.
Then I tried the web version which is either not ready or behaves very awkwardly. I created a new user with my Master key or pass. And then I can type the name of website I want a password for. As soon as you start typing the algorithm starts spewing out random passwords.
The problem is that it doesn’t store the URLs that you use the passwords for. It doesn’t store your master key or your username. So If you type in your Master password incorrectly it won’t give you any error. Instead it will generate new password combinations for a new user even if the User names and URLs are identical.
If you make just one accidental character change in your Username and/or Master password and/or URLs the passwords generated by the algorithm will be different and you may never be able to get inside your other accounts. See over here I added www. in front of amazon and the password has changed completely.
To make things more complicated you have to remember the combination you used for each URL. So Number 1 or 2 or 9 or 94 and whether it’s PIN, short, Basic, Medium, Long, Maximum, Phrase or Name
IF you get any of these factors wrong just by 1 character you’re Fucked big time.
TLDR: There is no way to tell whether your passwords are actually yours or not because the website doesn’t save any of your settings. You have to perfectly recreate the settings each time you use it.
Does anyone have recommendations or alternatives?