If you are like the average computer user, you have to manage usernames and passwords for dozens of Internet sites, computer domains, voicemail and telephone banking, and odds are you use the same information for all of them. Not only does this increase the likelihood that your password will fall into the wrong hands, it leaves you vulnerable to identity theft, fraud, hackers and other Internet baddies, not just on one site but on all of them. The ideal way to deal with login security is to have compartmentalized login and password combinations, keeping each account separate. Of course it’s a pain managing multiple accounts and remembering the passwords, and you could even end up resorting to the dreaded post-it note of passwords you keep in your wallet.
An excellent way to manage multiple accounts is with a password management program. There are many out there to choose from, and it comes down to features and preference. Here at FiscalGeek we are strong advocates of the free Open Source package KeePass. KeePass is great: it’s a very lightweight, easy-to-use program and is available in Windows versions as well as for Mac OS X and many Linux variants. Further, you can run KeePass directly from a USB thumb drive, so you don’t even have to install it on the computer you are using, which is a very handy feature in public or on a work computer that won’t allow you to install software. We won’t go into the details of installing KeePass, since their website has plenty of information on how to get up and running, but let’s get into the details and talk about some best practices. I currently am using version 2.07 Beta.
Setting Up Your Password File
After you fire up KeePass, the first thing you are going to do is set up your Password File. You have a choice to make here, and it depends on how secure you want to keep this file. Remember, this file will contain your entire collection of passwords, so it pays to be a little paranoid. You can trust that your file will be well protected because its encryption key is derived with SHA-256, which is a 256-bit cryptographically secure one-way hash function. Your master password is hashed using this algorithm and its output is used as the key for the encryption algorithms. So your decision is this: do I want to just use a very strong password for this file, do I want to keep a key on a thumb drive or media drive, or do I want both? My recommendation would be to have both; that way you are getting your highest level of security possible. A would-be hacker would need to have access to your password file, have your password and have a copy of your key for the password file. This will make it very difficult for evildoers to get access to your file. A best practice here would be to save a copy of your key to a DVD, CD-ROM or USB thumb drive, which you can then use to validate your identity upon opening the password file. In this manner you can use something like Live Mesh or Dropbox to keep your password file synchronized among your various computing devices. You’d then just keep a copy of your DVD handy and store it safely away when not in use. I would suggest also creating a backup of the DVD and keeping it safe.
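Why password plus key file is stronger than either alone, as an added illustration (not KeePass's own code): each factor is hashed with SHA-256 and the hashes are hashed together into one key, so a candidate key built from only one factor never matches. The function names, the way the two hashes are combined, the HMAC check value and all sample values are assumptions made for this sketch, and the slow key-stretching step a real password manager adds is left out.

```python
import hashlib
import hmac


def composite_key(password=None, key_file=None):
    """Derive one 32-byte key from whichever factors are supplied."""
    parts = b""
    if password is not None:
        parts += hashlib.sha256(password.encode("utf-8")).digest()
    if key_file is not None:
        parts += hashlib.sha256(key_file).digest()
    if not parts:
        raise ValueError("at least one factor is required")
    return hashlib.sha256(parts).digest()


def check_value(key, salt):
    """Value stored beside the file so a candidate key can be verified on open."""
    return hmac.new(key, salt, hashlib.sha256).digest()


def can_unlock(stored, salt, password=None, key_file=None):
    candidate = composite_key(password, key_file)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(stored, check_value(candidate, salt))


# Constructed sample values (hypothetical, for the demonstration only).
PASSWORD = "correct horse battery staple"
KEY_FILE = bytes(range(32))   # stands in for the key kept on the DVD or thumb drive
SALT = bytes(16)              # fixed here for reproducibility; random in practice
STORED = check_value(composite_key(PASSWORD, KEY_FILE), SALT)


def demo():
    """Try to open the file with every combination of factors."""
    return {
        "both factors": can_unlock(STORED, SALT, PASSWORD, KEY_FILE),
        "password only": can_unlock(STORED, SALT, password=PASSWORD),
        "key file only": can_unlock(STORED, SALT, key_file=KEY_FILE),
        "wrong password": can_unlock(STORED, SALT, "guess", KEY_FILE),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:15} -> {'unlocked' if ok else 'rejected'}")
```

Because a single SHA-256 pass is fast to compute, the master password itself still has to be strong; the key file adds a second secret and does not replace a good password.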
Organize your Login Information
Now that you are set up, you just need to determine how you want to categorize your information. You could have separate categories for online banking, e-commerce, work passwords and on and on. This is going to depend on your needs, and it’s very simple to set up. In the window you’ll see a folder view on the left. Right click on the name of your file and choose …Add Group. Simply do this for all your groups. Your groups are where you’ll create entries. Click on the group you want to add some entries to, and then in the open window to the right, click or hit the Insert key and you can add your entries.
Choosing a Password
If you are going to fully buy into using a password manager to keep track of your various logins, you can let KeePass develop passwords for you. This way you can be sure that they are strong passwords and that each one will be different. This will work well if you are going to be able to have KeePass with you everywhere. If not, you may want to choose some passwords that you actually have a chance of remembering. Guest writer Adam Baker had a great post over at Bargaineering about Creating Strong Passwords You can Remember, which would make a lot of sense for those sites or items that you need access to constantly, like your Bank and Network Domain at work, for instance. Then you can let KeePass create passwords for you on the less used items and keep your compartmentalization going. You can also tweak the settings in KeePass to utilize a scheme for your passwords, which is also a handy way to make them more memorable and high quality at the same time.
Leverage the Power of KeePass
Now that you have your passwords “managed”, you can easily use KeePass to log in to your various sites. If, for instance, you are logging into your bank from your Web Browser, click in the username field, open KeePass and go to the entry for this bank login; you can then hit Ctrl-V to perform an auto-type in your browser window. Alternatively, you can right click and choose …Perform Auto-Type. A super cool feature of Auto-Type is that it will perform Two-Channel Auto-Type Obfuscation. What? This means that KeePass will use a combination of cut and paste to the clipboard and then to the password entry fields in the other application, rendering any form of keylogger or clipboard spy useless. That’s great for peace of mind, especially on a public computer.
Like anything, a little discipline is key in making a system like this work for you. You should regularly change your passwords (every 90 days or so) and you should protect them at all costs. You should also protect your password file by backing it up regularly. Finally, stop writing your passwords on post-it notes under your computer keyboard. Good luck, and hopefully you find some useful tips here.
This post was selected as an editor’s choice at the 71st edition of the Money Hacks Carnival hosted at the Canadian Finance Blog. Give them a visit to check out all the great articles.