Passwords Finally Secure...

You probably know this problem: Since the Internet got big with all the interactive websites that require registration you have been using more or less the same tiny set of passwords over and over again. Maybe you already had some sort of strategy like using the strong passwords for more confidential websites and weaker passwords for websites you didn't care that much.

Maybe once in a while you chose to invent and remember a new password, because you were already becoming to feel that this overall approach wasn't right. News about web servers being attacked by hackers and stolen user/password information may have made you feel worse until you finally decided that you'd have to use an individual password for each website!

But how to remember that many passwords???

The obvious solution is a list where you write them down. A single sheet of paper locked anywhere in your home would be secure, but not very convenient. Just imagine you have mobile device you want to use outside of your home. Taking the password sheet with you and loosing it could result in a disaster! Read more about a different approach which turned out to be the ultimate solution for myself after the break.

Well, the basic idea is to store the password list online, where you can access it all over the globe... maybe even in an Internet-café while you are visiting other countries. But wait! Before you upload the list as a plain text file into your email account you should think about the danger in doing this:

• Your email account could get hacked.
• Somebody could sniff the passwords while you are viewing them online without using an encrypted connection.
• Your email provider could read your passwords.

So that's still far from being perfect. Luckily, there is a way to tackle these issues: You have to encrypt the password list using a strong master password. Since you will unlock/decrypt the file off-line on your machine, it will be nearly impossible for anybody on the Internet to find out the master password... and yes - this even includes your email provider or online storage host!

You now are thinking that a software managing this off-line encryption of your password list while providing convenient ways to structure, find and access your login information would be awesome? Well then have a look at KeePass Password Safe. It is available for many platforms including Linux, Mac and Android - the main platforms I use. By the way, personally I store my password database using Dropbox!

Ultimate password security is not possible, but you can get even closer by keeping the following points in mind:

• Use a very strong master password
• Do not open your password database on untrustworthy machines
• Keep your eyes and mind open :)

To get you the idea of the KeePass software here is a screen shot showing the application on my Ubuntu machine.