10 replies to this topic

[Technique]

I just ran CCleaner, Adaware & SuperAntiSpyware, as i do every now & then (without problems)

CCleaner has the cookies box unticked.

So i ran & removed the results. I then go to various websites, forums, and all my auto logins have been erased.

Some websites i need to totally enter the information in fresh, other websites such as Neowin, i just need to double click the Username field box & it brings up my name, i select that and it auto fills in the password.

Beforehand i didn't even need to do this. I just needed to click the bookmark in my favourites & i was auto logged in.

Why the change & how do i stop it happening again? I can only think it's due to the progs i ran, but i've been able to do it before without issue.

[J_R_G]

This can happen sometimes for no apparent reason, if the browser data gets corrupted or whatever. I suggest using lastpass, it's a program that will save username/password combos for websites, and automatically fill them in so you just need to hit the log in button. A benefit of this is you can use more complex passwords since you don't have to remember them, you just have to remember your lastpass master password. LastPass also encrypts your username/password data before uploading it to it's servers, so it's secure even if someone were to break into their servers and steal all their users' data.

[Technique]

Hmm, that sounds good, and having such a program on the PC sounds great to me, but uploading my passwords to the tinterweb sounds very risky, even if it is encrypted.

If it's a few passwords for some forums then there's no big deal, but if we're talking banking details then it's a bit different.

[+BudMan]

Well then use keepass which a local password manager.

[Heartripper]

It looks like your cookies have been deleted. If it wasn't CCleaner, maybe they got corrupted for some reason and erased. Check if after logging in and restarting the browser auto-login works againg.

[Technique]

Thanks Budman.

Auto-log in is working again, but i'm having to manually sign in to all websites that require a log in. Some websites i can just click the field & it'll bring up my username & when i select it'll auto-fill in the password. Other websites don't remember anything & other websites only remember the password (although the majority fall into the first category).

[Technique]

Has anyone else used LastPass & can comment on its security? As in, what about the guys who run LastPass - the chances of them (or anyone) gaining access & raiding your bank account?

Tried Keepass but don't really like it.

[xSuRgEx]

Technique, on 11 February 2012 - 21:53, said:

Has anyone else used LastPass & can comment on its security? As in, what about the guys who run LastPass - the chances of them (or anyone) gaining access & raiding your bank account?

Tried Keepass but don't really like it.

this is what i use

http://yubico.com/yubikey

goto the store and get whats right for you.

http://helpdesk.lastpass.com/security-options/yubikey-authentication/

you shouldbe safe with online banking esp in the uk, almost all uk banks have 2 factor authencation using a ID number password/passcode and a physical token generated number, kinda like the google authencator.

[+BudMan]

Been running lastpass for quite some time, I even moved to the premium paid version a few months back.

Can not say enough good things about the product. Its one of those must have tools, I would be lost if had to stop using it to be honest. If you worried about storing your password on a server somewhere..

Passwords are encrypted - encryption and decryption is done on your machine. Do some sniffing you want, do a man in the middle on your self to see what is sent in the SSL connection to lastpass servers if your that worried.

Create a cert, use of stunnel -- pretty easy to do a mitm attack on your self to sniff ssl traffic. Here http://www.webos-int...le_technique%29

[z0phi3l]

If you're using Chrome it will do that after an update. Not that big a deal

[Technique]

I have chrome installed but don't really use it.

BudMan, on 13 February 2012 - 13:49, said:

Do some sniffing you want, do a man in the middle on your self to see what is sent in the SSL connection to lastpass servers if your that worried.

Create a cert, use of stunnel -- pretty easy to do a mitm attack on your self to sniff ssl traffic. Here http://www.webos-int...le_technique%29

kjfhjkdsf dslhfds jfhdksj fdslf h dkshf dslhf ldsjk fhdkjsghfkdsjghf dskhgfdksjfyh dsjh

Yeah, i didn't understand you either. LoL. Don't worry, i don't know what you were saying & it is likely going to be too painful trying to understand, so we can leave it at you having said something to me, me not knowing what you said & we can both be happy with the fact.