Secure Password Programs – Keeping Track of All of Your Passwords

Secure Password Programs – Keeping Track of All of Your Passwords
Page content

Overview

With the convenience of the Internet comes some challenges to you as a consumer. If you perform any kind of business online, you’re likely to have a large number of accounts – all with passwords. If you use best practices, you’d use a new unique password for each and every site that you use. Many people tend to use the same password for anything from their banking to a newspaper website that requires registration. If a hacker discovers your password, they’ve suddenly gained access to any number of sites you frequent. Using a password manager, you can be more confident in using best practices without worrying about forgetting your passwords.

How Password Managers Work

Password managers typically require you to provide a passphrase (a “super” strong password) to gain access to your password repository. The password repository is encrypted and stored either on your computer or at a third party if you are using an online password manager.

Client side password managers are installed locally on your computer and are more secure than online password managers, but if you have multiple computers you access restricted sites from, you will have a difficult time synchronizing passwords between computers.

Using an online password manager does expose you to some risk by storing an encrypted package of your passwords on the 3rd party providers storage, but does offer you flexibility in allowing you to access your passwords from multiple computers. The two online password managers highlighted below encrypt all data stored on the 3rd party servers as well as any data passed to and from the site.

Password Manager Features

Password managers typically include a number of features beyond just storing a username and password. Here is a list of popular features available in most tools.

  • Browser integration – most managers install a browser add-in that will detect when you are visiting a site that requires you to login and will automatically log you in if your credentials are already stored.
  • Backup or Export options – allows you to export a listing of all accounts to store in a safe place in case of a software or hardware failure that renders your password database corrupt.
  • Searching – most tools allow you to search for an account.
  • Random Password Generators – these will help you generate a strong password.
  • Password Strength meters will tell you how strong your password is. Typically the longer and more complex the password, the stronger it will be (using numerals, symbols and capital case characters greatly increase the strength of a password).
  • Custom Fields allow you to store other information in the password record. Maybe you want to store your “security question” and answer in a notes field along with the site, username and password.

Client Side Password Managers

One of the most popular commercial password managers is Roboform ($29.95 from the Roboform site). This, and the other client side products allow you to store passwords and other information typically associated with secure sites (user name, address, name, email, etc). Most of the products include a browser plugin that will automatically fill in your account data when you go to a site requiring credentials.

Two other popular password managers are KeePass and LastPass (shown in Figure 1) – both are available for free. LastPass offers a premium version for $1 a month that includes a mobile client for your smartphone.

Online Password Managers

Figure 2 - Passpack

Online Password Managers present a unique solution to the problem of managing passwords and making them available from anywhere. Depending on how comfortable you are with technology and storing some data on a 3rd party’s servers, an online password manager may be a good solution.

Popular online password managers are PassPack (shown in Figure 2) and Clipperz.

If you’ve got a bunch of sites to keep passwords for or have decided to use the same account information for every site, I highly recommend you utilize a tool like one above to better protect your accounts.