2013-01-22

Passwords

So, I take a week or two off of blogging. Is that a hiatus, or a slow start?

Anyway, I noticed today that I use a tool that is likely not widely known. That tool is PasswordSafe, originally produced by Bruce Schneier. (Downloads available here.)

Once upon a time, I had picked a password that was relatively easy to type. It was also (in my opinion) hard to guess. Then I started to get multiple accounts for online email, Bulletin Boards, school email, email at work, access codes at work, login for the work computer, etc.

And I realized that some of these password lived on databases that are well-protected, and others on databases that are poorly-protected. But if an attacker/hacker/internet-bad-guy was able to get into one of the badly-protected databases, he might be able to see the password, and my email account. If both were the same, then the attacker might have access to my email.

And anyone with access to my email can discover most of my online accounts, and likely change the password to something I don't know.

This realization led me to a different pattern. It was now a cluster of passwords. Different types for different situations. But I also had to keep a list somewhere of passwords that I didn't use very often. And things got cumbersome when the cluster had hard-to-remember variations. (Site A will let me mix upper-case, lower-case, and numbers. Site B requires at least one non-alphanumeric symbol. Site C wants three of those four categories...)

PasswordSafe provides a better way to handle multiple passwords. It can use databases that are easily transferred between my home computer (running Linux) and my work computer (running Windows). It can live on a USB drive, so that I can take the program and the database to any computer.


It can also generate a unique password for each site. The passwords are all random gibberish. More importantly, the password database requires a single password/key to open. Thus, I only have to remember one password.

Currently, the only place where I do not use the PaswordSafe program is my Smart Phone. Which doesn't mean that it's impossible. It just means that it's not convenient enough for me, yet.
Posted by at

No comments:

Post a Comment

I like thoughtful feedback; I prefer polite feedback.

I don't like screeds.

Comments older than a few days will have comments go into moderation.

Subscribe to: Post Comments (Atom)