Archive for April, 2011

Password Vaults: Keep your Passwords Safe!

Friday, April 15th, 2011

Does this scenario sound familiar?

It’s time again for you to change your Loyola password and due to the password complexity requirements, you end up creating a password with a string of numbers and letters that’s impossible to remember.  Each time you need your Loyola password you find yourself reaching for that sticky note that you hid in your desk drawer.

Now compound that with 10 more accounts and 10 more passwords for each account.  Suddenly you have a memory nightmare!

If you have more than one username and password it can be a struggle to manage your login information securely. For this week’s Tech Tip, The University Information Security Office (UISO) provides you with information and resources to help you manage all of your passwords.

What are Password Vault Technologies?

Password Vault Technologies allow you to store all of your user names and passwords in one securely encrypted database.

Why should I use a Password Vault?

  • It allows you to use stronger passwords that are not easy to remember, especially as password complexity rules become stricter.
  • No more needing to set all your accounts to the same username and password.
  • It requires you to only have to remember one master password.
  • It will keep you from having to write down passwords which are easy to lose or have fall into the wrong hands.

How does a Password Vault keep you safe?

You can put all your passwords for your accounts in one database, which is locked with one master key. You only have to remember one single master password to unlock the whole database. The database is encrypted using best and most secure encryption algorithms, so you can be assured it will not be broken into.

The password vault technologies come with these features:

  • Database Encryption– Encrypts the complete database, not just your passwords. User names, notes and other data are encrypted too.
  • Protection against guessing and dictionary attacks– These technologies have anti-brute forcing protections built in to the product.  However, be sure to select a good master password!  Any easy-to-guess password will expose all of your credentials.

Which Password Vault product should I use?

The UISO recommends the following Password Vault technologies, which are both open source and free: