How to Manage Your Username and Password The Easy and Secure Way
Have been an Internet user for more than 9 years, I have 100's of logins and passwords to keep. I'm paranoid. I'm now even more paranoid after I joined YMMSS because I use online paymentsystems on weekly basis if not daily.
I used to use Microsoft Excel to manage my usernames, passwords, and other registration information, both online and offline. Excel is not safe because there are programs to crack password protected Excel workbooks and I even cracked the spreadsheet and VBA source code password for one of my old Excel financial models I developed. Today I still use Excel to store some personal information but I only save the Excel file on my another PC that is not connected to Internet.
In my article "6 Essential Steps to Protect Your Computer On the Internet", I highly recommended the award winning RoboForm. Free version of RoboForm (http://www.roboform.com) does come with limitations such as 10 Passcards only. If you don't want to buy the Pro version (costs $29.99 as of my writing), there is an easy-to-use freeware (see below) you can download right now and manage unlimited usernames and passwords.
Download freeware Password Safe from SourceForge.net - the Open Source community.
Here are some great features of Password Safe:
- No installation is required. Simply download and double click the pwsafe.exe file.
- Easy portable. Just copy and paste the EXE file and .dat database file to any disks. Be aware that when you open Password Safe in the other disk, you need to specify the database file location (the .dat file).
- One master password unlocks an entire password database that can contain all your other passwords.
- Grouping. Usernames and passwords can be grouped into different categories you define, eg. Email Address, Payment, etc. You are in total control.
- Strong, random password generation.
- Copy username and password to clipboard so that you don't have to type them. Always keep in mind that you should never type any username and password.
- Browse to URL. With one click, the URL related to your username and password can be opened in your default web browser. Another save on typing.
- You can create more than one password database (but you have to memorize more than one master password. Not recommended.)
Here are some tips of using Password Safe (version 2.04) and managing password in general.
Tip #1 - Always create a strong master password (Safe Combination as used in the software).
Strong password should meet the following criteria:
- At least 8 characters long to prevent cracking. The longer the better.
- The password should contain lowercase, uppercase, numeric, and any other characters that are available on keyboard.
- Ideally you should not use any meaningful words or numbers in the password. Totally random password is the best.
Tip #2 - Let PasswordSafe generate random password for you.
To generate random password:
- Click the menu item Edit.
- Select Add Entry (or use corresponding icon button).
- When the dialogue window opens, on the right hand side, you can see a Random Password Generate button. Click it, a random password will be automatically inserted in the Password field.
The generated random password is constructed according to the password policy defined in Password Safe. You can modify the default policy.
- Click the menu item Manage. - In the dropdown menu, click Options. - Click the Password Policy tab. - Change the policy based on the strong password criteria stated above.
Some sites only allow alphanumeric passwords so make sure you select the appropriate check boxes when this is the case.
Tip #3 - Very Important: Never type your master password when open PasswordSafe.
Keylogger spyware can record keystrokes.
How can you enter master password without typing? I do this.
Step 1: Open a Notepad file (.txt).
Step 2: Copy and paste an article from any Internet website to this .txt file.
Step 3: Select characters from this article and copy, paste to form your master password.
Tip #4 - Very Important: Never lose your master password.
I memorize my master password. In addition, I also physically write it down to a hand written study material that has my previous uni works. Among the 1,000's of words, I placed my 22 characters master password in two different pages in encrypted format that can let me derive my master password.
Tip #5 - Categorize username and password.
When you add a new entry, you need to specify Group, Title, Username, Password, and Notes. The entries that share the same Group name will be gathered together automatically.
One Group can contain another Group as its sub Group. For example, I have Email Address group which contains three sub-groups as Friend, Work, Family.
Tip #6 - For security reasons, always use Copy Username to Clipboard and Copy Password to Clipboard.
Remember, never type username and password on a web form. This is how to do it.
- Highlight an entry.
- Right click mouse.
- In the pop-up menu, select Copy Username to Clipboard or Copy Password to Clipboard
- Go to your login form, paste the username or password.
You can use mouse to do copy and paste. If you prefer short-cut keys, this is how.
Copy: Ctrl+CPaste: Ctrl+V
Tip #7 - Use "Browse to URL" rather than typing URL in browser address bar.
When you enter a new entry or edit an existing one, you can enter a URL (must start with http://) at the first line in the Notes field. You can save website login page's URL in this field. When you need to open a login page in browser, right click the entry and click Browse to URL in the pop-up menu. Then the login page will be opened in your default web browser automatically.
Tip #8 - Don't forget to backup your password database file.
Use the Make Backup menu item to save a second copy of your password file.
Tip #9 - Store your backups in a different offline computer or location.
This is a widely used backup strategy.
Tip #10 - Use the Notes field to store as many information as you want. Very handy for memo.
If you don't have two computers, you need to use other storage media to save a second copy of your backup file and version them by date (easy to track back). Other storage media can be zip drive, thumb drive, floppy disk, CD, etc.
Off site backups are also important. Don't overlook this. You lose all your data if you lose both your computer and your other storage media all together for any reason.
Many companies provide online storage services for a fee. You can store any digital files (you should password protect these files first) on their secure servers. Search Google and you will find a lot.
I have two computers. One is used to surf net and it does not have any sensitive info stored on it. Another one is for my development work (not connected to Internet) and it has my backup files. I also store my backups in a thumb drive and CDs sometimes.
The author, Jerry Yu, is an experienced internet marketer and web developer. He is a proud member of YMMSS. Visit his site Get Paid Full Time Income By Reading Ads Online - YMMSS for FREE "how-to" step-by-step action guide to kick start a successful online business, tips, knowledge base articles, and more.
A New Low
A new variation of the Nigerian Scam themeThe scam artists are employing the Nigerian Scam to fleece unwary sellers who advertise pets for sale.
Five Excellent Indie Encryption And Security Solutions You Have Not Heard About
1. Geek Superherohttp://www.deprice.com/geeksuperhero.htm
How to Protect Yourself from Viruses, Spyware, Adware, and Other Nuisances
Spyware/adware is a new major concern for PC users everywhere. Infecting your computer silently (usually installed with programs that seem harmless), spyware and adware can collect personal information about you, as well as cause pop up ads to come up all of the time, changing your browsers home page, sometimes even completely disabling your computer's usability.
Eliminate Adware and Spyware
Everyone should eliminate spyware and adware from your hard drive for your computer privacy protection. Spyware and adware programs also slow down the speed of your computer by cluttering your hard drive with annoying programs. Once you eliminate adware and spyware, your computer speed will improve immediately.
Is the Internet Insecure Because of You?
Long gone are the days that we could feel secure and know for certain that we had privacy. With the digital age upon us we can no longer be so sure that our privacy is secure. Recently Google has admitted their organisation holds user data indefinitely. This causes concerns as now we know Google has information on us that we do not want anyone to know about.
Email Hoaxes, Urban Legends, Scams, Spams, And Other CyberJunk
The trash folder in my main inbox hit 4000 today. Since I never throw anything out, I know that what's in there is courtesy of my email filter which is set to automatically delete anything that is forwarded from my work account from a certain person. That "person" is our spam filter that insists on sending me, the administrator, a notification when it blocks an email. It's also set to delete some other mail automatically, those would be that come from addresses that have sent me spam. So I have 4000 of these in my trash. Yippee.
Phishing: An Interesting Twist On A Common Scam
After Two Security Assessments I Must Be Secure, Right?---------------------------------------Imagine you are the CIO of a national financial institution and you've recently deployed a state of the art online transaction service for your customers. To make sure your company's network perimeter is secure, you executed two external security assessments and penetration tests. When the final report came in, your company was given a clean bill of health. At first, you felt relieved, and confident in your security measures. Shortly thereafter, your relief turned to concern. "Is it really possible that we are completely secure?" Given you're skepticism, you decide to get one more opinion.
Online Cell Phone Scams and Spam
They're out there. Individuals trying to make a quick buck at your expense. You labour hours on end to produce quality content on your website only to get repetitive requests for huge numbers of product or promises for the greatest deals online. As a webmaster for a cell phone and PDA site, I've had my share of spam and scams come through, mostly via email, some posted on my forum. The purpose of this article is to provide a few methods of detecting spam and scams, and provide a few examples as well. Take a look over and protect yourself from online cellular fraud.
Spyware, What It Is, What It Does, And How To Stop It
Spyware is software that runs on a personal computer without the knowledge or consent of the owner of that computer. The Spyware then collects personal information about the user or users of the infected computer. The personal information collected is usually the name of the user; the users email address, Websites visited, online shopping habits, as well as various other information about the user.
Keeping Worms Out of Your Network...
No auntie Sookie, not earth worms, computer virus worms that can get to you computer and slowly dig deep into your files and eat them away. Put that eggnog down and I'll tell you some more about these new worms.
New CipherSend Online Security Service Thwarts Email Address Theft And Soothes Password Fatigue
In 1997, I decided after 15 years as a practicing CPA that it was time to put down my pencil and explore a new venture on the exciting new internet which, while perhaps not exactly in its infancy at that point, was still at least a pimply faced teenaged medium still unexplored by most accountants.
Reclaim Your PC from the Internet Spies
Viruses are, however, not the only malicious software programs out there. The newest addition to the evil software family is the so called Spywares and a good anti-virus program or firewall is not enough to safeguard against these clever programs.
Identity Theft Offline -- So Many Possibilities
Chris Simpson, head of Scotland Yard's computer crime unit was unpleasantly surprised to learn how easy it is to cheat anybody out of his or her personal info -- by means of a fake survey.
Can I Guess Your Password?
We all know that it's dangerous to use the same password for more than one program. If you sign up for a program run by someone of low moral fibre, what is to stop them running through various programs with your username and password to see what they can access?
Technology and Techniques Used in Industrial Espionage
Industrial Espionage. These methodologies are being used on a daily basis by competitors maybe even against you. I knew a Private Investigator who used to break into other firm's voicemail boxes. He was suspected of erasing messages and stealing potential clients. I know you may bethinking that is not right. Maybe so but if a Private Investigator cannot protect him/herself than what use are they to a client.
How Free Scripts Can Create Security Problems
With the Internet entering our lives in such an explosive manner, it was inevitable that Internet security issues would follow as well. While credit card frauds are an offline security problem that has been carried over to the Internet as well, spamming and phishing are uniquely Internet security hazards.
Computer Viruses and Other Nasties: How to Protect Your Computer from These Invaders
Can you protect your computer from all possible viruses and other invasions?
I Spy...Something Terribly Wrong (In Your Computer)
This really chapped my lips...
The Risk Of Electronic Fraud & Identity Theft
Electronic Fraud and Identity Theft-----------------------------------Human beings are pretty sensible when presented with an imminent threat or risk. That is, if it's staring us directly in the face. Many threats and risk are presented in subtle ways, and it is these subtleties we tend to overlook.
5 Tips For An Unbreakable Password
Despite the current wave of identity theft and corporate security breaches it's amazing how very few people treat their passwords with any level of seriousness. Most computers users, both at home and in the office, see passwords as a nuisance and therefore make them as easy to remember as possible. This can be a catastrophic mistake.
|© Athifea Distribution LLC - 2013|