Keepass is a free, open-source program for managing your passwords. You can also use it for other things: for example I use it to store my passport info and my Costa Rican residence info.
You should have a separate password for every site you visit on the Net. And these passwords should be secure: which means it would be nearly impossible for you to remember all of them.
Fortunately, most browsers will remember your sign-in information for you and enter this information for you whenever you enter a site that asks for it. Also, many sites, such as Amazon, keep this information in a cookie, and automatically log you in. Firefox does a good job of remembering passwords, but some sites will not let Firefox enter the password for you. When I go to my commercial mailing service, Aerocasillas, for example, I have to enter my password myself - I have to go to Keepass, put my password in the clipboard and paste it into Aerocasillas.
I change the password to my online banking account every month, according to a schedule I set up on Google Calendar. I tried to be clever about this, and made it using every character on the keyboard such as: (.SI!n+>. And I stored them on Just1Key, a neat service on the Web, that encrypts your sign-in info, so you only have to remember one password to access your other user names and passwords.
This was fine until I found out that HushMail was giving the Feds its user's passwords - and Just1Key uses Hushmail's technology. All of a sudden, my security wasn't so secure. So I went to sourceforge to find out what free open source programs they have for storing passwords. They have two: Password Safe and Keepass. I downloaded both and tried them both. I like Keepass the best - although Password Safe is a fine program too.
Keepass has two ways you can access it: a password you remember or a password file - or both. I opted for both, I'm the kind of person who wears both a belt and suspenders: if one fails, you always have a backup. Keepass generated a password file for my USB pen drive, and I came up with a clever phrase that I could remember: not one word, but many.
Also Keepass supports TANs:
These are passwords that can be used only
once.
These special passwords are used by some banks. This provides additional security, as
a spy cannot perform transactions, even if he knows the password of
your banking account.
By bank doesn't use TANs yet, but if it does, I am ready for it.
Keepass will generate passwords for you - which are more secure than anything you can dream up for yourself. The next time I change the password for my bank, I am going to let keepass do the job for me.
Any complaints? Yes, the user documentation on open source projects is not always that helpful. They could really use a good technical writer on their projects, but since they are usually programmers, they overlook this.
Privacy on the Internet
Eric Schmidt is the CEO of Google. On a talk show he said:
Bruce Schneier, who is a security guru with his own company, responded:
------
Privacy protects us from abuses by those in power, even if we're doing nothing wrong at the time of surveillance.
We do nothing wrong when we make love or go to the bathroom. We are not deliberately hiding anything when we seek out private places for reflection or conversation. We keep private journals, sing in the privacy of the shower, and write letters to secret lovers and then burn them. Privacy is a basic human need.
For if we are observed in all matters, we are constantly under threat of correction, judgment, criticism, even plagiarism of our own uniqueness. We become children, fettered under watchful eyes, constantly fearful that -- either now or in the uncertain future -- patterns we leave behind will be brought back to implicate us, by whatever authority has now become focused upon our once-private and innocent acts. We lose our individuality, because everything we do is observable and recordable.
This is the loss of freedom we face when our privacy is taken from us. This is life in former East Germany, or life in Saddam Hussein's Iraq. And it's our future as we allow an ever-intrusive eye into our personal, private lives.
Too many wrongly characterize the debate as "security versus privacy." The real choice is liberty versus control. Tyranny, whether it arises under threat of foreign physical attack or under constant domestic authoritative scrutiny, is still tyranny. Liberty requires security without intrusion, security plus privacy. Widespread police surveillance is the very definition of a police state. And that's why we should champion privacy even when we have nothing to hide.
------
I can't put it any better than that.
However, I suspect that most care little about protecting their individuality, or that of others - and would rather live without it.