Keepass is a free, open-source program for managing your passwords. You can also use it for other things: for example I use it to store my passport info and my Costa Rican residence info.
You should have a separate password for every site you visit on the Net. And these passwords should be secure: which means it would be nearly impossible for you to remember all of them.
Fortunately, most browsers will remember your sign-in information for you and enter this information for you whenever you enter a site that asks for it. Also, many sites, such as Amazon, keep this information in a cookie, and automatically log you in. Firefox does a good job of remembering passwords, but some sites will not let Firefox enter the password for you. When I go to my commercial mailing service, Aerocasillas, for example, I have to enter my password myself - I have to go to Keepass, put my password in the clipboard and paste it into Aerocasillas.
I change the password to my online banking account every month, according to a schedule I set up on Google Calendar. I tried to be clever about this, and made it using every character on the keyboard such as: (.SI!n+>. And I stored them on Just1Key, a neat service on the Web, that encrypts your sign-in info, so you only have to remember one password to access your other user names and passwords.
This was fine until I found out that HushMail was giving the Feds its user's passwords - and Just1Key uses Hushmail's technology. All of a sudden, my security wasn't so secure. So I went to sourceforge to find out what free open source programs they have for storing passwords. They have two: Password Safe and Keepass. I downloaded both and tried them both. I like Keepass the best - although Password Safe is a fine program too.
Keepass has two ways you can access it: a password you remember or a password file - or both. I opted for both, I'm the kind of person who wears both a belt and suspenders: if one fails, you always have a backup. Keepass generated a password file for my USB pen drive, and I came up with a clever phrase that I could remember: not one word, but many.
Also Keepass supports TANs:
These are passwords that can be used only once. These special passwords are used by some banks. This provides additional security, as a spy cannot perform transactions, even if he knows the password of your banking account.
By bank doesn't use TANs yet, but if it does, I am ready for it.
Keepass will generate passwords for you - which are more secure than anything you can dream up for yourself. The next time I change the password for my bank, I am going to let keepass do the job for me.
Any complaints? Yes, the user documentation on open source projects is not always that helpful. They could really use a good technical writer on their projects, but since they are usually programmers, they overlook this.
Recent Comments