I feel like I'm not fully understanding how PM is better than having a list of user names and passwords stored in a password protected Excel file
I can crack a password protected excel file in no time.
or some other password protected PW manager. Either way, if someone discovers my master PW they have access to all of my accounts, don't they?
In order to have access to all of your accounts, they would have to have both your MPW *and* your RDF file.
I understand that someone can't just download PM onto their computer (or use the online version), use my master password and, without knowing all of my other default settings, generate my passwords. But...if someone were to hack my master password AND have my rtf file, or gain access to my computer and put my master PW into my PM Firefox extension they would be able to generate all of my passwords, wouldn't they?
Yes... but I'm afraid I don't quite get your concern. If your computer is compromised, it is compromised.
If I'm missing something, someone please explain what it is. Thanks!!!
There may be a few things you have not considered...
1. PWM does not 'store' your passwords, it generates them on the fly,
2. PWM will auto-input them, making it very simple and easy to log in securely to your online accounts,
3. There are certain 'tricks' you can use to add infinitely more security to your usage of PWM.
In reference to #3, consider this...
You have a bunch of accounts in PWM. You have them in different groups, organized by importance (Financial acounts, ISP/email accounts, web forums, etc).
What if you came up with your own little algorithm that you used with your passwords, wherein you modifed each password that PWM generated before actually logging into the site.
For example, you could always add a '1' to the beginning of the password, a '2' in the middle, and a '3' at the end.
Or, you could always delete the first and last characters.
Or any infinite number of variations on the above.
You could even have different ways of modifying them, based on the account name, or the group it was in, or both, or... well, hopefully you get the idea by now...
The fact is, PWM, intelligently used, is far more secure than anything else you have ever used, or most likely will ever use.