Can you recommend a program that I can purchase to store my ever growing list of passwords? How secure are these types of programs?
This question was answered on August 31, 2005. Much of the information contained herein may have changed since posting.
Passwords are a fact of Internet life and how you use (and protect them) is of vital importance.
Too many users defer to easy to remember passwords that they use on everything so that they don’t have to remember which ones go with which resource Once that single password is breached, anything and everything that the user has is at risk.
Of those that don’t seem to be too concerned about security, 4 digit passwords are quite common that usually reflect the last 4 numbers of the users SSN or even worse their bank PIN number Using numbers is very common but what most don’t realize is that pure number passwords are amongst the easiest to break Computers (and “brute force attack” programs) can try several thousand combinations per minute until they break numeric passwords.
Any word that is in the dictionary is also low hanging fruit for password breakers because of the plethora of rogue software that uses a “dictionary attack”.
The best passwords are the ones that we humans have the toughest time remembering They use a combination of numbers and letters, are at least 8 characters long and don’t have any personally identifiable characteristics (pet’s name, phone numbers, etc.)
That’s were these password management software programs come to the rescue.
Not only will they remember which passwords belong to which resource, they can also generate very difficult to break passwords, encrypt everything that they store and automatically fill out known websites with both the username and password.
All of your critical passwords are protected by one password, so it is even more important that you not use easy to break passwords on programs like these.
Also, get in the habit of checking over your shoulder before typing critical passwords, especially in public places
A quick check of user popularity and overall ratings for freeware programs at SnapFiles.com yielded a couple of programs that should do the trick for you.
The three with the highest ratings are Password Depot, KeePass Password Safe and Password Agent Lite and they are all free.
KeePass is the only program that has unlimited password storage, while the others limit you to 20 to 25 different passwords, which is usually enough for the average user, but that may help you make a quick decision on which one to try first.
There is a great danger, however, in relying completely on these programs to do it all If the program malfunctions, your computer’s hard drive completely fails or your computer gets stolen or destroyed in a fire, you could be up the proverbial creek without a backup.
You may want to consider exporting your passwords to a CD or floppy disk and storing it in a safety deposit box or some other off-site secure location.
For road warriors that use a lot of passwords on public terminals, you may want to consider carrying KeePass on a USB drive as it runs with a single executable file that does not require an installation to work.
About the author
Posted by Ken Colburn of Data Doctors on August 31, 2005