Security Mecca

Password Manager

Posted in Articles, Home Users, OS X, Tutorials, Windows on

share!

Why do I need more software?!

Now that you have your password built, if you don't look here for advice.  Now you need to remeber it and change it within 30 days.l That's right. Ultimately, if a password sits somewhere long enough you are giving a motivated hacker time to set a program to break it. If your password is strong enough a brute force attack should take some time. Rotating your password ensures that the brute force attack will never be successful because by the time the attack gets close to success you rotate and it has to start all over. 

Another way to ensure password strength is to use a unique password for every account. This compartmentalizes your accounts so if one is hacked all of the others still remain safe and you minimize your loses.

Now the battle becomes how will I remember all of this? Don't worry, you don't. Creating a secure password and remembering it is one thing but maintaining multiple online accounts all with diffrerent passwords can become difficult. Password management software now allows you put all of your eggs in one basket. There are alot of different types of software out there and this article should help you learn about the features and key differences between all of the choices.

Things to think about when looking for a password manager

(These will be the criteria that I use to evaluate the following password managers as well)

Autofill in with your favorite browser?

Encrypts your passwords for complete security?

Generates random passwords?

Backs up passwords, Easy to backup?

Portable: can run from a USB key?

Mobile device friendly: sync your passwords to mobile devices?

Does it create an on screen keyboard in case your are afraid of someone monitoring your key strokes?

Cost?

Choices:

 

Installing LastPass is straightforward, except that you can choose between the universal installer or browser-specific add-ons. The easiest option is the universal installer, which will work with Internet Explorer, Firefox, and Chrome on Windows. Mac users will have to download individual add-ons for each browser.

Autofill in with your favorite browser?

Encrypts your passwords for complete security?

Generates random passwords?

Backs up passwords, Easy to backup?

Portable: can run from a USB key?

Mobile device friendly: sync your passwords to mobile devices?

Does it create an on screen keyboard in case your are afraid of someone monitoring your key strokes? - Yes. Lastpass allows you to enter your password using your mouse on a virtual screen keyboard to protect yourself from keyloggers and keysniffers or use

Cost - Free for basic. $1/month if you want the premium version

Additional - You can access your LastPass vault using one time passwords when using untrusted computers or networks and never worry about revealing your actual LastPass master password.

RoboForm password manager securely stores online and offline passwords on your desktop or laptop, automatically logs you into online accounts and completes online registration and checkout forms with one click.

Autofill in with your favorite browser? - Yes. They have a one click login feature which allows you to save time filling out forms.

Encrypts your passwords for complete security? -Yes. RoboForm securely stores all your website and Windows application passwords. RoboForm Data is secured with military-grade AES 256 encryption, with additional security options available.

Generates random passwords? Yes.

Backs up passwords, Easy to backup? - Yes.

Portable: can run from a USB key? - Yes.

Mobile device friendly: sync your passwords to mobile devices? - Yes. But you have to pay extra.

Does it create an on screen keyboard in case your are afraid of someone monitoring your key strokes?

Cost? - $9.95 for 1st year. $19.95 for additional years. Portable version is $39.95.

Additional comments: This is seemingly a more robust system, although you pay the price. If you want to pay to store your passwords this might be worth a more indepth look.

 

KeePassX saves many different information e.g. user names, passwords, urls, attachments and comments in one single database. For a better management user-defined titles and icons can be specified for each single entry. Furthermore the entries are sorted in groups, which are customizable aswell. The integrated search function allows to search in a single group or the complete database.

KeePassX offers a little utility for secure password generation. The password generator is very customizable, fast and easy to use. Especially someone who generates passwords frequently will appreciate this feature.

The complete database is always encrypted either with AES (alias Rijndael) or Twofish encryption algorithm using a 256 bit key. Therefore the saved information can be considered as quite safe. KeePassX uses a database format that is compatible with KeePass Password Safe.

There are plenty more choices as well. Theses are just a few popular ones. In the long run you want to find one that your are comfortable with storing all of your data and passwords. Almost all include auto fill in functions which allow you to fill in the standard forms online with just a simple click of a button. 

Autofill in with your favorite browser - The most current version does not for macintosh.

Encrypts your passwords for complete security - Yes. Access to the KeePassX database is granted either with a password, a key-file (e.g. a CD or a memory-stick) or even both. Either the Advanced Encryption Standard (AES) or the Twofish algorithm are used

Generates random password - Yes. Extremly customizable password generator for fast and easy creation of secure passwords

Backs up passwords, Easy to backup - Yes. You can make a copy of the database and store it where ever you like

Portable: can run from a USB key - Yes.

Mobile device friendly: sync your passwords to mobile devices? - No.

Does it create an on screen keyboard in case your are afraid of someone monitoring your key strokes? - No

Cost? - Free

Additional comments: There are some great usabilty features with this program. There is a button that will allow you to switch from viewing passwords as astreks or plain text

Sources:

http://www.roboform.com/                     

http://lastpass.com/

http://www.keepassx.org/

 

 

about the author

More about Kyle Gulau:
Kyle Gulau enjoys computer programming as well as drumming and skiing. He is currently a student at Western Michigan University is active in the CIS program and FIN program.

questions or comments?

If you have any questions or comments about this article, feel free to contact us!

talk back! questions/comments, and feedback. keep it polite, please