Password Perfect: How Password Management Software Improves Security
Remembering multiple passwords can be frustrating. Make your life easier with password-management software.
Juggling multiple passwords challenges even the best memory. Each password ought to be at least 15 characters long and a mix of letters, numbers and symbols. The password has to look random password-cracking software spots real words quickly by checking multiple language dictionaries. And to make things worse, IT departments often require regular password changes, so just when youve got one password memorized, you have to come up with a new one.
Small wonder that many people throw up their hands in despair and start taking password shortcuts, such as using the same password for multiple websites, or using easy-to-remember passwords like their names, birthdates or family pet names. These strategies may make it easier to remember your passwords, but leave you vulnerable to hackers and malware.
Youve got two solutions to this problem. You can improve your passwords, finding some way of remembering them that doesnt involve writing them down on an easily stolen sheet of paper. Or you can use password-management software, which remembers all your passwords for you.
A password manager stores your passwords using the Advanced Encryption Standard (AES). The U.S. Government has used AES since 2001. In addition, the password manager should have a master password that you use to access the system. The system should also auto-fill names and passwords and be compatible with your browser and operating system.
The software must be able to identify password changes and associate them with appropriate websites. In todays world of mobile devices, you also want a password manager that works with your phone or tablet.
Depending on the software, a password manager may offer other features, including auto-fill for online forms, easy import and export features, and multiple-user options. Many also include password generators that help you make long, secure passwords.
Security is, of course, vital where passwords are concerned. A password manager may include a virtual keyboard to foil keyloggers (malware that records your typing). Others include one-time passwords for use on unsecured, public WiFi networks.
Password managers are not perfect. With dozens on the market, and even more open-source programs available, quality varies widely. Even the best managers have a potentially fatal flaw, and as so often happens, the vulnerability lies between the software and the user.
The problem occurs during installation, when the software asks users to establish program settings. Too often, people opt for convenience over security, choosing easy-access settings that leave their passwords vulnerable to attack. Opt for the most stringent settings: After all, youre using the software to protect yourself.
You may wonder why, with many browsers offering password-protection features, you cant just rely on your web browser to remember passwords. Unfortunately, password protection built into browsers usually isnt very thorough. While such features can be relied on to auto-fill passwords, the quality of security is open to debate.
While a host of password managers vies for your attention, youll see the same software recommended time after time on tech blogs and review sites. These programs show up for a reason: they work.
LastPass is a cloud-based password manager you can access from any device. The program does not store your master password, and encrypts passwords before sending them. Because the software is online, you wouldnt be able to access your passwords if the cloud server goes down (an unlikely, but possible, event).
If you prefer to store your passwords on your hard drive, consider Roboform for Windows devices or Mac 1Password for Macs, iPads and iPhones. Both are easy to use and are available at a reasonable cost. If youd rather use a free, open-source program, consider KeePass. Bear in mind, however, that KeePass requires users to have more computer knowledge than the other programs listed here.
Finally, remember that passwords, while important, are only one aspect of computer security. Keeping your antiviral programs and operating systems updated with the latest patches is just as important.