Saturday, October 17, 2015

TechByter Worldwide | You Need a Password Manager, Manually Coding Websites with Brackets, Short Circuits, and Spare Parts

TechByter Worldwide | You Need a Password Manager, Manually Coding Websites with Brackets, Short Circuits, and Spare Parts: You Need a Password Manager

There are free password managers and ones that you pay for. Some of them have extra features you'll find useful. Regardless of the features and regardless of which one you choose, the important point is to choose something.

Web browsers can remember your login name and password for sites that you visit often, but storing passwords in a browser is considered a security risk. The browsers are getting better, but I still prefer to use a separate password manager because it will work with all browsers. I use at least 2 browsers every day and sometimes 4. Storing passwords in all of them and keeping the passwords updated sounds like more work than I want to do.

For the past several years, I've used the paid version of LastPass. Before that, I used the free version for a while. Even earlier I used KeePass and, in ancient history, PINS. There's no shortage of these applications.

One of the more interesting applications I've seen recently is Password Safe. It stores login data in a password-protected, encrypted file that you unlock when you need access to the stored information. Password Safe has an Auto Type feature that will log you in to sites and applications automatically. A default Auto Type action exists, but this can be customized for every application or site that you use. Some sites, particularly bank sites, use non-standard login procedures that cause automatic logins to fail.

Password Safe is somewhat more difficult than most to use, though, in part because the documentation appears to have been written by the person who wrote the program. That's never a good idea because the developer makes too many assumptions about what a user will know. As a result, it took several tries and more than an hour for me to import 400 passwords into Password Safe.

The primary shortcoming, though, is the fact that there's no option to store passwords on-line. There is a thumb-drive option, meaning that you must always have the thumb drive with you. And, of course, you could store the file on Google Drive or One Drive.

The customization possible with Password Safe is impressive though, and this might be the right application for more geeky readers. You can download it from SourceForge and, as of this writing, no additional applications are included.
Why You Need a Password Manager

Every website you visit that requires a password should have a unique password. I have to admit that I don't live up to my own admonition. I use the same password on several sites that I consider trivial -- ones that contain no financial information, for example. But my passwords are both unique and complex for non-trivial sites such as banks, website management, corporate e-mail, client data, and the like.

If you're looking for a free password manager, LastPass is my recommendation for most people. It has a remarkable number of features for a free application. The paid version (more about that in a bit) adds a few useful features for just $1 per month.

During the installation process, LastPass will offer to import all of the passwords you have stored in your browser. The fact that LastPass can do this is a pretty good indicator of the (lack of) password security in browsers. You will also be asked if you want to turn off password storage in the browser. The right answer is Yes.

KeePass is another good free password manager, but it has the same shortcoming that I mentioned with PasswordSafe: There's no on-line storage. If you use only a single computer, don't have a smart phone, and never need access to password protected sites from public computers, KeePass is a good choice.