Managing your passwords – my recommendation

Image courtesy of Joshua Davis

When it comes to computer passwords there are 3 things I’d always recommend…

  1. Give each site, or piece of software, a different password – never re-use!
  2. Make your passwords complex
  3. Never record them in a spreadsheet!

Basically, when I sign up to a site I find out how long and complex they’ll allow a password to be and create it to that limit! Up to 16 characters long, with both upper and lower case and numbers accepted? Fine, then it’s 16 characters of mixed case and numbers. The bigger and more complex, the harder to crack. Short of getting one of the computer forensics degrees, here are some more tips for you.

Many people use browser-based solutions such as LastPass. Apart from the fact that these are restricted to your browser, you are also leaving all your passwords with a single company in “the cloud”. A single security flaw and you could lose them all. Look at Sony’s issues this year as a perfect example!

My solution is secure and isn’t tied to a browser. Its downside is that it’s tied to only the computers that I use (which many may also see as an upside!).

I use the excellent open source KeePass software. However, I use the portable version installed in my Dropbox folder, with an encrypted and secured password file also saved in Dropbox.

The result of this is that wherever I have Dropbox on a PC I can access KeePass and the password file. There’s even a version of the software for Android, and I download the latest version of the password file using the Dropbox Android App to access it.

Dropbox, by itself, is not secure. However, because the password file saved onto it is encrypted and secured, even if someone gets hold of it they can’t access the passwords within it. As a result all my bank and other financial passwords, amongst many others, are long, complex and hard to crack – I can afford to make them impossible to remember because I don’t need to. And, although KeePass won’t fill browser fields in automatically, it will generate highly secure passwords for you.
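To make the "create it to the site's limit" rule concrete, here is an added example (not part of the original post and not KeePass's own code) that generates a password of exactly the maximum length a site allows, from the character classes it accepts, and estimates how much harder the longer one is to guess. The class names and the symbol set are assumptions made for this example.

```python
import math
import secrets
import string

# Character classes a site might accept (names and symbol set are assumptions).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": "!#$%&()*+,-.:;<=>?@[]^_{|}~",
}


def generate_password(max_length, allowed=("lower", "upper", "digits")):
    """Return a random password of exactly max_length characters that
    contains at least one character from every allowed class."""
    unknown = set(allowed) - set(CLASSES)
    if not allowed or unknown:
        raise ValueError(f"bad character classes: {sorted(unknown)}")
    if max_length < len(allowed):
        raise ValueError("length too short to include every allowed class")

    alphabet = "".join(CLASSES[name] for name in allowed)
    # Draw every character from the OS CSPRNG, and retry until each class
    # appears. Retrying (rather than forcing a class into a fixed position)
    # keeps all compliant passwords equally likely.
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(max_length))
        if all(any(c in CLASSES[name] for c in candidate) for name in allowed):
            return candidate


def entropy_bits(length, allowed=("lower", "upper", "digits")):
    """Upper bound on the entropy, in bits, of a random password of this
    length drawn from the allowed classes."""
    alphabet_size = sum(len(CLASSES[name]) for name in allowed)
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    # The 16-character, mixed-case-and-numbers limit from the post, next to
    # a shorter password from the same character set for comparison.
    for length in (8, 16):
        pw = generate_password(length)
        print(f"{length} chars: {pw}  (~{entropy_bits(length):.0f} bits)")
```

Each extra character from this 62-character set adds just under 6 bits, so going from 8 to 16 characters doubles the bit count rather than merely doubling the guessing effort.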

Do you have an alternative, secure recommendation? Add a comment and let me know!


2 responses

  1. I like the idea but I still do it the old-fashioned way and keep my passwords in handwriting and have found that most sites have a password recovery so if I ever lose this book I can recover my passwords. Got to admit it is getting crazy with all the sites I have in my life and the average citizen probably has to remember 12 passwords.

    1. Good to hear a Psychiatrist “getting crazy” with passwords 😉
