Monthly Archives: October 2014

Password Managers

I love my password, but I sure hate my password!  If this is you, don’t feel alone.  Passwords are a tricky thing to get right.  The best passwords are almost impossible to remember and the easy to remember ones are weak.  Sometimes even the tricks of substituting letters and special characters that resemble letters are easy to forget or easy to guess.  A lot of people find that PERFECT reasonably hard to guess password that is easy to remember and use it for EVERYTHING …forever.  There has to be a better way!

Introducing….password management software (password managers).  According to Wikipedia:  “A password manager is a software application that helps a user store and organize passwords. Password managers usually store passwords encrypted, requiring the user to create a master password; a single, ideally very strong password which grants the user access to their entire password database. Some password managers store passwords on the user’s computer, whereas others store data in the cloud. While the core functionality of a password manager is to securely store large collections of passwords, many provide additional features such as form filling and password generation.”

There are a lot of password managers available and some are better than others.  Feature sets abound, so how do you decide on the one that is right for you?  Let’s look at a few examples:

  • browser based — Most current web browsers have some sort of password manager built in.  When the browser offers to “remember” the password, it stores the login credentials.  Browser based password managers are generally though of as low-security, high risk.  Often they are not encrypted and they don’t require a master password to unlock them.
  • Desktop — desktop/laptop software store passwords (usually encrypted) on a computer hard drive and most often require a master password to unlock them.
  • Cloud — Password manager software stores and retrieves encrypted passwords from online storage.

Advantages of password managers:

  • Ease of having long, hard to guess passwords that are automatically used or are easy to retrieve.
  • Remember one master password, but use many different passwords
  • No more sticky notes on the monitor!  (well, at least for passwords)
  • shared passwords (rarely a good idea, but sometimes necessary)
  • password escrows so that an organization might retrieve passwords that former employees may have used

So, you want to use a password manager, but which one?  That is a difficult question.  Many of the most popular products have some similar features, so the secret is to figure out what is important to you and find out which one(s) qualify.  I will leave a bit of research for you by giving you some links from popular web sites with comparisons of password managers:

PC Magazine

CNet

InfoWorld

In conclusion, I think it is important to remind you that running a password manager does NOT mean you should let your guard down.  Use the tools, but never make the mistake of thinking the tool will keep you safe.  Tools such as a good firewall, anti-virus, anti-malware, good passwords or a good password manager are simply that…tools to help.  Nothing beats common sense and being careful.  A good password manager can be a great tool in your online defensive arsenal.