written by: Jeremy Bost•edited by: Rebecca Scudder•updated: 9/23/2011
If you regularly use a computer, you doubtlessly have different accounts online, most requiring a password. But unless you have researched password safety, you are probably vulnerable like many others.
slide 1 of 7
Passwords to Keep You Safe
Typical computer users come in contact with passwords frequently. You may have one for your operating system's account, a Facebook account, an email account, et cetera. However, many people's passwords are easy to crack. For example, the same password might be reused for multiple accounts. If one account is compromised, the attacker can easily try to login to another popular online service. Sometimes they gain access to bank accounts as well.
To prevent things like this from happening, here are some recommended articles that will help you with password safety.
First, it is useful to know some methods crackers use to obtain private login info.
Second, what you can do, and;
Third, programs which can help you.
slide 2 of 7
Techniques to Discover Passwords
What are the main ways a cracker can uncover passwords? Some hackers, with the time to spare, might find and use security exploits in your operating system or installed software. Brute force techniques are simpler, but can take long amounts of time (years, if the password is long and varied). Spyware (for example, a keylogger) could be running in the background on your computer. Or, a you could be tricked by a website pretending to be Facebook or your online bank account. This is called phishing. These articles can help you identify potential problems you may face and what to do about them.
Many people have weak passwords. Maybe their maiden name plus their age when they married. Or a character from a favorite movie. But these are quickly cracked with a dictionary attack (a program that tries many different common words), by a friend, or someone who can see your Facebook profile. Strong passwords are vital to online safety. These articles offer advice on creating solid passwords. The methods in the second and third article also help memorization. I suggest that you check each and see which fits you best.
What if you have a bad memory, or are not able to recall different passwords for multiple sites? Writing them down on a slip of paper next to your computer is very insecure, in most cases. Someone could break into your office (beware the cleaning crew!), or a guest in your home might want to play a prank on you. Besides, paper can be lost easily. So, the best thing to do is use a password manager.
My personal favorite password manager is LastPass. It is free, works online or offline, and has multiple plugins for different browsers and smartphones. You can use it on different computers and it syncs across them all. It also has a wide array of import options, so if you want to switch to it from another manager, you probably can do it smoothly.
But LastPass is not the only option available. RoboForm also has similar features, and you may feel safer paying for password management. Note that the free version of RoboForm is very limited. KeePass is another manager, but its database is stored locally. This means that you get no syncing feature, but your passwords are not stored on remote servers (unlike with LastPass and RoboForm Everywhere). KeePass also lacks a good autofilling ability.
Here are some other, less known password managers, and comparisons between them. Xilisoft is a $30 password manager that seems to be a cross between LastPass and KeePass: You can choose to have your passwords stored online or just locally. However, it is more like KeePass in that autofilling is not a strong point.
Looking for password managers for the iPad and iPhone? Datavault, offered for less than $10, is a top choice of Bright Hub authors.
A company named Atek has produced a product named the Logio Secure Password Organizer. This is different from all the other managers linked to here, as it is a physical device. About the size of a credit card, it is protected with a master password (like the others) and can store passwords associated with web sites.
CyberScrub KeyChain's big feature is a USB drive-based vault. However, at about $40 it is pricey, especially since KeePass has a free portable version that can also be stored on a USB drive.
Norton Confidential and Sticky Password are some other less known managers.
Do you use Linux? Don't worry...there are password managers for your operating system as well.
Bright Hub also features some comparisons between password managers to help you choose.
It is important to keep your passwords safe. Even with strong passwords and good password managers, your password could be discovered. So here is some more advice:
First, we have an article with guidelines for password safety. Despite being intended for businesses, these guidelines can help your personal security as well.
Many people make mistakes online, and people with malicious intentions can end up with your personal information or passwords. Don't follow in these users' footsteps.
There are multiple free tests available online. Try at least a few to see how well you are secured against different threats.
On the subject of passwords, the type of malware we are concerned with now is spyware, especially keyloggers. Even if a computer is running smoothly, a keylogger can still be installed, collecting your activity and sending it to a remote observer. Your information might then be sold or used immediately.
For most people, this is undesirable. Bright Hub offers many articles on protection, detection, and removal of malware, and two of these articles dealing specifically with spyware are offered here.
Passwords are an important part of the web, and if you value your privacy and don't care for online account vandalism, it is easy to secure yourself with little inconvenience. Hopefully you have learned from these articles...and maybe, you could help a friend as well.