Archive for the ‘Password Management’ Category

Password Vaults: Keep your Passwords Safe!

Friday, April 15th, 2011

Does this scenario sound familiar?

It’s time again for you to change your Loyola password and due to the password complexity requirements, you end up creating a password with a string of numbers and letters that’s impossible to remember.  Each time you need your Loyola password you find yourself reaching for that sticky note that you hid in your desk drawer.

Now compound that with 10 more accounts and 10 more passwords for each account.  Suddenly you have a memory nightmare!

If you have more than one username and password it can be a struggle to manage your login information securely. For this week’s Tech Tip, The University Information Security Office (UISO) provides you with information and resources to help you manage all of your passwords.

What are Password Vault Technologies?

Password Vault Technologies allow you to store all of your user names and passwords in one securely encrypted database.

Why should I use a Password Vault?

  • It allows you to use stronger passwords that are not easy to remember, especially as password complexity rules become stricter.
  • No more needing to set all your accounts to the same username and password.
  • It requires you to only have to remember one master password.
  • It will keep you from having to write down passwords which are easy to lose or have fall into the wrong hands.

How does a Password Vault keep you safe?

You can put all your passwords for your accounts in one database, which is locked with one master key. You only have to remember one single master password to unlock the whole database. The database is encrypted using best and most secure encryption algorithms, so you can be assured it will not be broken into.

The password vault technologies come with these features:

  • Database Encryption– Encrypts the complete database, not just your passwords. User names, notes and other data are encrypted too.
  • Protection against guessing and dictionary attacks– These technologies have anti-brute forcing protections built in to the product.  However, be sure to select a good master password!  Any easy-to-guess password will expose all of your credentials.

Which Password Vault product should I use?

The UISO recommends the following Password Vault technologies, which are both open source and free:

Safely Manage all of your Passwords

Thursday, March 5th, 2009

As you know, the best way to maintain control over your privacy online is to create tough passwords that you change on a regular basis. But as the list of your online accounts that require unique logins and passwords grows, it becomes a great challenge to remember them all. If you have over a dozen accounts with passwords and you struggle accounting for them all, you should consider investing in “password management software”, or software that is specifically designed to manage, securely store, and help you use your passwords. With such a tool, you will only have to remember one master password to access the rest of your passwords.

Freeware

Password Safe (Windows)

http://sourceforge.net/projects/passwordsafe/

Password Safe keeps all your passwords in an encrypted database.

Password Corral (Windows)

http://www.softpedia.com/progDownload/Password-Corral-Download-2309.html

Password Corral is another popular freeware password manager for Windows.

Commercial Products

Roboform (Windows) $29.95

http://www.roboform.com/

Roboform is an advanced password manager and form filler for Internet Explorer and Firefox and is an excellent computing tool. It creates passwords, saves them, stores your login ids and information, and takes the time to fill all of the information on all of those pesky online forms for you. It works as an addon to your browser, but there is also a USB version called Pass2Go.

1passwd (Mac OS X) $39.95

http://1passwd.com/

This is the Mac equivalent of Roboform. It stores all of your passwords and forms information within the built-in OS X Keychain.

Tips on Creating a Strong Password

http://www.microsoft.com/security/online-privacy/passwords-create.aspx