Jump to content
  • Announcements

    • AutoShopOwner

      Advertising & Promoting Your Company On AutoShopOwner - Information   02/25/2017

      This message is only shown to FREE members and goes away after subscribing to a paid membership. If you are joining AutoShopOwner to promote your business, service, or product to this community of auto shop owners, please subscribe to a Sponsor Member Annual Package before doing so. With the correct membership, you will have the ability to post about your company in your posts and forum signature.

      You can upgrade your existing membership here.

      All marketing attempts to this community without proper membership level and/or approval by staff, will be considered spam, result in topic/post removal, and a warning, which can lead up to the banning of your membership, company and/or product on all pages of AutoShopOwner.

      Thank you for your support.

He died. Now what?

Recommended Posts

This post is a mini-how-to that some might find useful on the topic of Password managers.  If you are already using one, skip this.   In another thread, @Marksas said: 


Another thing to remember if you create all this stuff then you need to have great notes for your spouse so they can follow it should you get hit by a truck tonight. I keep and encrypted document that is updated pretty much daily of every web log on, every account, company information, points of contacts and any important information. She has a hard copy which also has the information of where the live document is stored with the most up to date information. My daughter has a copy also and pretty much is a signer on all bank accounts. Part of the struggle of being a business owner is that everyone tells you how to make money and then when you do it gets a little more complicated in trying to figure how to keep it.

This is a great practice and in my case very-very important, because when I die, the business needs to be sold.   My wife can't run it and my kids don't want to run it.   She can probably keep it afloat for a very short period.    So, I too keep an encrypted file and in this file, there's an entry entitled "Brian Died.  Now what?".   I've left a printed piece of paper in a known safe spot that says to open Keepass and find this entry.   It is a roadmap of what to do, who to contact and everything else that needs to remain confidential.   The first item is the name of a business broker, then the life-insurance policy, etc.  Some of this can be printed, but the advantage of being here is that I can update it as needed and it's current.  Now, I'm a forward-thinking kind of guy, so in the URL field, I've left my new address:  http://www.heaven.com.   (I sure don't want to have to do an address change).

I use a program called Keepass (http://keepass.info/).  It is an open-source password manager.   For the longest time, I avoided these tools like the plague to make sure that they are safe.  They are now at a mature stage.    Another similar and good tool is LastPass (https://www.lastpass.com/)  And there are others, but I've only used these two.   Lastpass might be easier for some to learn and use.   I can give you my encrypted password file and I'll be dead before you are able to break in if ever at all.    The great thing about these tools is that I have to remember one reasonably complex password and it stores a unique password for every site I visit.   I have well over 100 personal passwords in there now and it just keeps growing.   All of my passwords are 20 random characters unless the website won't take that many.  I don't worry about one password being stolen anymore.

I'm going to mention many downsides below that might seem daunting, but they are just learning challenges.  The upside is way better than all of these downsides.

There is a downside to using these tools.  You need to learn a new process to login.  And if you have to login via mobile phone, it's even harder still and also a different process.   But, once you learn these two methods, it's the same login procedure for every website you visit.    When I introduce people to this tool, I make them put 3-4 passwords in for sites that they might visit sometimes (Amazon, ebay, craigslist, whatever), but not often.   Then practice logging in and out over and over until they get it.   The reason for this practice session is that if you complicate their lives too much all at once, then it's an instant quit.  If they can't access a needed site right now, the tool is too complex.   I've gotten my dad and my father-in-law to both use this tool and they are both mostly computer illiterate.   My mom would burn the computer before trying to learn it.   After fighting it for over a year, my wife is finally almost on-board.   It's like breaking horses for many, but hey, even I started with a practice set.

There is one more downside to this type of tool and it's the typical startup issue.  You have 10's if not 100's of sites that you log into.  You will need to login to each and every one and change your password to take advantage of computer generated random passwords.   The good news is that you can do this ever so slowly, or in bulk, but still one at a time.   Just today, I found another site that I had a login and it wasn't in my database.  I updated my password file and changed the password on that site.   For this one, I had to issue a forgot my password request, then change it.   Now, I can't forget it.   The process to changing your password is different on every website.  Create the password entry in keepass, then copy the generated password to the website when it asks for a new password and save the changes.   I always follow this by logging out of the site and logging in again with this new generated password.  If I did it wrong, I know right away and fix it.

One more downside is that automation is spotty.  In other words, for some websites, I can click CTRL+ALT+A and my password is auto-filled.   On others this shortcut does not work.   In a number of cases, I think the webpage is purposely trying to defeat automation to protect itself from bots.  When the keyboard shortcut does not work, then I resort to drag-and-drop or copy and paste.  This always works, but it's more work.  If I'm teaching a novice, I prefer to have them use a method that ALWAYS works rather than letting them try to understand failure modes and yet another method.

In the password manager, one can create entries for anything, but mostly, one entry equals one website that you visit.   It has a shortcut name, your username, your password and a URL to the site.   It also has a notes section that lets you put freeform text.   For instance, you can note a PIN number associated with an account.  Or, sometimes they ask me silly questions that I will never remember the answer to, such as What was the color of your first dog?   I can just note Dog color: Blue in the notes and now it's remembered.   When I create entries that are not passwords, I just ignore the other fields.  Shortcut name and Notes is all I need for those.

The password file itself is stored in a cloud directory, such as Google Drive, or Microsoft OneDrive, etc.   This lets you access the same file from your phone, tablet, work computer or home computer.  You just need an internet connection.    Also, you can have a work password file and a home password file.   The work password can be shared with trusted managers and they only have access to what's provided in that file.  It allows you to run a robust password mechanism for your work remote logins.   The number one rule for password managers is:  DON'T lose the master password.  There are no second chances, such as I forgot my password.  Now, it's I forgot ALL of my passwords because they are locked away forever.  (Yep, I have a dead lastpass account, but luckily, it only had 1 or 2 test passwords).   I make backup copies every once in a while in addition to my normal backups (I'm paranoid).

If you've not tried a password manager, it's worth trying now.  Start with a small test.  Practice and don't give up.

Edited by bantar
  • Like 2

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now