I wrote a column last year about passwords. Gee, don’t our digital worlds revolve around them? If you work with computers on a regular basis you may have a million of them. You may have them for logging onto your computer, websites, email, bank accounts, online stores, etc. As I stated last year, “I do not have that great a memory and never did.” So to remember them I use applications designed to keep them for me.
First, here is a quick review of password creating. Always use at least eight-characters in a password. Be sure to use a combination of letters, numbers, upper-case and lower-case, and make sure the letters don’t spell anything … even backwards. Something like "rQ7tXc5#T" would be good, but bear in mind you have to remember it.
Some of the top passwords currently in use in the US are 12345, qwerty, asdfgh, 12345678, monkey, your first, middle, or last names, names of pets, kids, parents, or significant other, birth dates, months, year of birth, street name and/or number, your car’s license plate, a difficult word from the dictionary, like ambrosia (a very popular one) and the most obvious, "password". Are you using any of those? I hope not!
How are we to remember them? Well, I am a huge fan of KeePass. KeePass is a standalone program which is installed on your computer, where all of your passwords are stored. I have been using that app for at least 5 years and it has never failed.
However, there is another I was testing until earlier this summer, LastPass. LastPass is recommended by some of the big names in Tech. LastPass is also installed locally; however, your encrypted passwords are stored online. The online storage enables you to access them online from any location on any computer. I always wondered about storing your passwords on someone else’s servers…in the cloud. In May, 2011, LastPass posted on their sites, “We noticed an issue yesterday and wanted to alert you to it. As a precaution, we’re also forcing you to change your master password.”
Basically, that meant someone “could” have hacked their password site and gotten information from user accounts.
Many have said this didn’t happen and they are showing paranoia in being so cautious. This is a good thing. It made me decide to bail out of the program. I really can’t recommend it since this happened. You can debate whether they had been hacked or not. Regardless, your secret “stuff” is out there and not under your control. That concerns me.
Most password manager programs work the same. You set up a “Master Password” which protects all of your other passwords. Make sure it is a good one in order to keep prying eyes out. Then log into the program using that password and you can look up your individual passwords.
I realize there are other great programs which perform the same/similar actions out there like RoboForm, and 1Password. However, KeePass is the one that I can fearlessly recommend to my readers.
I would like to hear from you during the week. Tell me which password program you like and use. As I compare and contrast them, I believe KeePass has been, and will continue to be (for some time) my choice in password security.