How to Manage Your Username and Password The Easy and Secure Way
Have been an Internet user for more than 9 years, I have 100's of logins and passwords to keep. I'm paranoid. I'm now even more paranoid after I joined YMMSS because I use online payment systems on weekly basis if not daily.
I used to use Microsoft Excel to manage my usernames, passwords, and other registration information, both online and offline. Excel is not safe because there are programs to crack password protected Excel workbooks and I even cracked the spreadsheet and VBA source code password for one of my old Excel financial models I developed. Today I still use Excel to store some personal information but I only save the Excel file on my another PC that is not connected to Internet.
In my article "6 Essential Steps to Protect Your Computer On the Internet", I highly recommended the award winning RoboForm. Free version of RoboForm (http://www.roboform.com) does come with limitations such as 10 Passcards only. If you don't want to buy the Pro version (costs $29.99 as of my writing), there is an easy-to-use freeware (see below) you can download right now and manage unlimited usernames and passwords.
Download freeware Password Safe from SourceForge.net - the Open Source community.
https://sourceforge.net/projects/passwordsafe/
Here are some great features of Password Safe:
- No installation is required. Simply download and double click the pwsafe.exe file.
- Easy portable. Just copy and paste the EXE file and .dat database file to any disks. Be aware that when you open Password Safe in the other disk, you need to specify the database file location (the .dat file).
- One master password unlocks an entire password database that can contain all your other passwords.
- Grouping. Usernames and passwords can be grouped into different categories you define, eg. Email Address, Payment, etc. You are in total control.
- Strong, random password generation.
- Copy username and password to clipboard so that you don't have to type them. Always keep in mind that you should never type any username and password.
- Browse to URL. With one click, the URL related to your username and password can be opened in your default web browser. Another save on typing.
- You can create more than one password database (but you have to memorize more than one master password. Not recommended.)
Here are some tips of using Password Safe (version 2.04) and managing password in general.
Tip #1 - Always create a strong master password (Safe Combination as used in the software).
Strong password should meet the following criteria:
- At least 8 characters long to prevent cracking. The longer the better.
- The password should contain lowercase, uppercase, numeric, and any other characters that are available on keyboard.
- Ideally you should not use any meaningful words or numbers in the password. Totally random password is the best.
Tip #2 - Let PasswordSafe generate random password for you.
To generate random password:
- Click the menu item Edit.
- Select Add Entry (or use corresponding icon button).
- When the dialogue window opens, on the right hand side, you can see a Random Password Generate button. Click it, a random password will be automatically inserted in the Password field.
The generated random password is constructed according to the password policy defined in Password Safe. You can modify the default policy.
- Click the menu item Manage. - In the dropdown menu, click Options. - Click the Password Policy tab. - Change the policy based on the strong password criteria stated above.
Some sites only allow alphanumeric passwords so make sure you select the appropriate check boxes when this is the case.
Tip #3 - Very Important: Never type your master password when open PasswordSafe.
Keylogger spyware can record keystrokes.
How can you enter master password without typing? I do this.
Step 1: Open a Notepad file (.txt).
Step 2: Copy and paste an article from any Internet website to this .txt file.
Step 3: Select characters from this article and copy, paste to form your master password.
Tip #4 - Very Important: Never lose your master password.
I memorize my master password. In addition, I also physically write it down to a hand written study material that has my previous uni works. Among the 1,000's of words, I placed my 22 characters master password in two different pages in encrypted format that can let me derive my master password.
Tip #5 - Categorize username and password.
When you add a new entry, you need to specify Group, Title, Username, Password, and Notes. The entries that share the same Group name will be gathered together automatically.
One Group can contain another Group as its sub Group. For example, I have Email Address group which contains three sub-groups as Friend, Work, Family.
Tip #6 - For security reasons, always use Copy Username to Clipboard and Copy Password to Clipboard.
Remember, never type username and password on a web form. This is how to do it.
- Highlight an entry.
- Right click mouse.
- In the pop-up menu, select Copy Username to Clipboard or Copy Password to Clipboard
- Go to your login form, paste the username or password.
You can use mouse to do copy and paste. If you prefer short-cut keys, this is how.
Copy: Ctrl+C Paste: Ctrl+V
Tip #7 - Use "Browse to URL" rather than typing URL in browser address bar.
When you enter a new entry or edit an existing one, you can enter a URL (must start with http://) at the first line in the Notes field. You can save website login page's URL in this field. When you need to open a login page in browser, right click the entry and click Browse to URL in the pop-up menu. Then the login page will be opened in your default web browser automatically.
Tip #8 - Don't forget to backup your password database file.
Use the Make Backup menu item to save a second copy of your password file.
Tip #9 - Store your backups in a different offline computer or location.
This is a widely used backup strategy.
Tip #10 - Use the Notes field to store as many information as you want. Very handy for memo.
If you don't have two computers, you need to use other storage media to save a second copy of your backup file and version them by date (easy to track back). Other storage media can be zip drive, thumb drive, floppy disk, CD, etc.
Off site backups are also important. Don't overlook this. You lose all your data if you lose both your computer and your other storage media all together for any reason.
Many companies provide online storage services for a fee. You can store any digital files (you should password protect these files first) on their secure servers. Search Google and you will find a lot.
I have two computers. One is used to surf net and it does not have any sensitive info stored on it. Another one is for my development work (not connected to Internet) and it has my backup files. I also store my backups in a thumb drive and CDs sometimes.
The author, Jerry Yu, is an experienced internet marketer and web developer. He is a proud member of YMMSS. Visit his site Get Paid Full Time Income By Reading Ads Online - YMMSS for FREE "how-to" step-by-step action guide to kick start a successful online business, tips, knowledge base articles, and more.
Hot Hardware
Hartford Courant, United States - 15 hours ago
New York Mellon disclosed in May that the security breach affected 497333 Connecticut residents, most of them depositors of People's United Bank in ...
Security breach at bank hits 12M people: BNY Mellon records could ... TMCnet
Bank of NY Mellon says data breach now affects 12M CNNMoney.com
Bank of NY Mellon data breach now affects 12.5 mln Reuters
SC Magazine UK - Dark Readingall 49 news articles
ChattahBox
Washington Post, United States - 23 hours ago
Security Flaw and repair date: A recently discovered security flaw will be fixed by September, Apple ( NSDQ: AAPL) told Macworld today. ...
Network Security Apple Won't Fix iPhone Passcode Hole Until September CIO Today
Apple promises September fix for iPhone security flaw Macworld
Apple To Fix iPhone Security Flaw CRN
ChattahBox - eFluxMediaall 123 news articles
MarketWatch - 2 hours ago
A new pre-security Houlihan's opened this week in the Lindbergh Terminal Ticketing Lobby, near Checkpoint 1. The full-service restaurant is accessible to ...
MarketWatch - 11 hours ago
an international provider of specialized technology-based radiological, nuclear, environmental, disaster relief and security solutions to government and ...
Visit Bulgaria
Deutsche Welle, Germany - Aug 28, 2008
The UN Security Council met behind closed doors to discuss the crisis in Georgia, its first meeting since Russia recognized the independence of the two ...
Video: Victims of Georgian attack mourned RussiaToday
Georgia break-up 'irreversible' TVNZ
Georgia seeks UN sanctions on Russia RTT News
The Associated Press - BBC Newsall 269 news articles
NetworkWorld.com, MA - 9 hours ago
"By teaming with IBM ISS, our objective is to both strengthen our security systems and improve the efficiency and effectiveness of our security operations," ...
Procter and Gamble Selects IBM Internet Security Systems to Help ... CNNMoney.com
Proctor & Gamble Taps IBM ISS For Cyber-Security Contract InformationWeek
Proctor & Gamble Chooses IBM ISS for Cyber Security IT Business Edge
Bizjournals.comall 18 news articles
RTE.ie
ZDNet UK, UK - Aug 28, 2008
... easy it was to break into the Nasa systems, or, to quote his dad when I spoke to them both outside the House of Lords in June -- "The security was crap. ...
Space station computer virus raises security concerns New Scientist (subscription)
The IT Security of the ISS Wired News
Ground Control To Major Tom: Check Your Laptop For Worms CRN
InternetNews.comall 216 news articles
Los Angeles Times, CA - 15 hours ago
Two attackers wrested a handgun from a security guard at a Los Angeles bank Thursday, then fatally shot him with his own weapon, police said. ...
New info in security guard shooting case abc7.com
Bank Security Guard Shot, in Critical Condition After Robbery MyFox Los Angeles
Security Guard Shot Outside Bank Dies KTLA
Los Angeles Times - Los Angeles Timesall 6 news articles
eFluxMedia
InternetNews.com - 5 hours ago
An Apple spokesperson told Reuters via e-mail that Apple was aware of the iPhone security flaw and is preparing a software update to fix the flaw, ...
IPhone security flaw allows bypassing of password San Francisco Chronicle
Hold On To Your iPhones, Apple Says Fix On The Way CRN
iPhone Suffers From Major Security Bug eFluxMedia
CNET News - VNUNet.comall 40 news articles
Washington Post, United States - 21 hours ago
25 editorial "Social Security on Ice" about Democratic presidential nominee Barack Obama's suggestion of a higher FICA tax on earned income of more than ...
We Cannot Tax Our Way out of the Entitlement Crisis American Enterprise Institute
Deficit Hawks Rain on Obama’s Parade CQPolitics.com
all 3 news articles
Instant Messaging ? Expressway for Identity Theft, Trojan Horses, Viruses, and Worms
Never before with Instant Messaging (IM) has a more vital warning been needed for current... Read More
If You Sell Anything Online Your ePockets Are Being Picked
You and I are a lot alike. We are both software publishers and eBook authors... Read More
Virus Nightmare..Lessons Learned
I got a virus the other day, Thursday I believe and since then I have... Read More
Computer Viruses and Other Nasties: How to Protect Your Computer from These Invaders
Can you protect your computer from all possible viruses and other invasions?The quickest answer to... Read More
DOS Attacks: Instigation and Mitigation
During the release of a new software product specialized to track spam, ACME Software Inc... Read More
Internet Identity Theft - How You Can Shield Yourself
With the advent of the World Wide Web, a whole new breed of criminals have... Read More
The Importance of Protecting Your PC from Viruses and Spam
Today the internet is a mine field of malicious code looking to harm your computer.... Read More
Wells Fargo Report Phishing Scam
First off I should explain what phishing is. Phishing is basically the act of tricking... Read More
How to Manage Your Username and Password The Easy and Secure Way
Have been an Internet user for more than 9 years, I have 100's of logins... Read More
5 Tips For An Unbreakable Password
Despite the current wave of identity theft and corporate security breaches it's amazing how very... Read More
Email Scams ? Ten Simple Steps To Avoiding Them
According to the Anti-Phishing Working Group (APWG) email scams also... Read More
Temporary Internet Files - the Good, the Bad, and the Ugly
A little bit of time invested into learning about internet... Read More
Phishing and Pharming: Dangerous Scams
As soon as almost all computer users already got used... Read More
Detect Spyware Online
You can detect spyware online using free spyware cleaners and... Read More
3 Steps to Ending Scams and Virus Problems
Watching how the traditional media covers the latest virus or... Read More
Phishing-Based Scams: A Couple of New Ones
Phishing in its "classic" variant is relatively well-known. Actually, 43.4... Read More
Technology and Techniques Used in Industrial Espionage
Industrial Espionage. These methodologies are being used on a daily... Read More
I Spy...Something Terribly Wrong (In Your Computer)
This really chapped my lips...I recently bought a new computer.... Read More
Hacking the Body Via PDA Wireless Device
First I would like to stress I am condoning the... Read More
How to Protect Yourself from Viruses, Spyware, Adware, and Other Nuisances
Spyware/adware is a new major concern for PC users everywhere.... Read More
Wells Fargo Report Phishing Scam
First off I should explain what phishing is. Phishing is... Read More
Free Antivirus Security Software: Download Now to Eliminate Spyware, Pop Up Ads, etc.
Adware. Spyware. Pesky pop up ads. Internet congestion. Computer malfunctions... Read More
Arming Yourself Against Spyware
While clicking from site to site on the internet you... Read More
Wireless Network Security
Working from home has its advantages, including no commute, a... Read More
Consumers: Shop Online and Get Information Safely
Do you really have to know how feeds work? Not... Read More
Internet Small Business and Fraud
Be careful of sites that promise to send you "instant... Read More
Make Money Online - Defend Against The Latest Scam
First, let's do a little recap'. As I stated in... Read More
Steganography ? The Art Of Deception & Concealment
The Message Must Get Through ----------------------------- The year is 300A.D.,... Read More
Personal Firewalls for Home Users
What is a Firewall?The term "firewall" illustrates a system that... Read More
Identity Theft - Dont Blame The Internet
Identity theft ? also known as ID theft, identity fraud... Read More
Preventing Online Identity Theft
Identity theft is one of the most common criminal acts... Read More
The Important Steps To Protect Your Kids on the Internet
Internet is the ocean of knowledge. In this ocean you... Read More
A New Era of Computer Security
Computer security for most can be described in 2 words,... Read More
The Move to a New Anti-Virus Model
This is the second in a series of articles highlighting... Read More
Is The Internet Over Regulated
Today's Internet or World Wide Web is being over regulated.But,... Read More
Internet Security |