Password Management

These days most people know the ill effects of using the same password for all their accounts: an entity gets hacked, the attacker uses said password to unlock the same account on a multitude of other sites, and things turn ugly real quick! On a related note, there is a very impractical trade-off between the complexity of your password and your ability to remember it rather than writing it down. Along comes the ever-so-handy password manager app. Using an app to bridge the gap between the unsafe practice of writing a password down on paper (or virtually) and having to remember complex passwords can be bliss if done properly. Here's how:

 

A few key factors come into play:

  1. the password file should not reside online in the open or unlocked state
  2. the file needs to be redundant aka backed up
  3. the system needs to be both mobile and easy to use

Before we go any further, let's look at the concept of a good password app. Essentially, a password app is a file in the form of a database that is locked and unlocked using a key or password. So we use a master password to unlock our list of passwords (and credential details such as usernames and site URLs). Some argue that having all the passwords in one list is in itself unsafe, but one must consider the alternative; once they have properly evaluated it, most come to realize that although a password app is not perfect, it is significantly better than most alternatives. I digress. The database file is opened/closed, or locked and unlocked, with a compatible app on any device it is loaded on. This means you can safely (and ironically) store your password file on a cloud drive, so long as you do not open it from the drive but rather use the drive as a means of making the file mobile, to move it from one device to another. And as long as you move it to a device that has a compatible app installed, you can use your known master key to safely open it, view the password(s) you need on that device, and lock it back up.
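The workflow above, together with factors 1 and 2, as an added example that is not part of the original article: the script copies the still-locked database out of the cloud-synced folder to a local working copy, verifies the copy, and keeps rotated backups of the previous version. It never unlocks the database or touches the master password. The function names, the `.part` temporary suffix and the `keep` count are assumptions made for illustration; the header check uses the file signature of KeePass 2.x `.kdbx` databases.

```python
import hashlib
import shutil
import struct
import time
from pathlib import Path

# KeePass 2.x (.kdbx) files start with two little-endian 32-bit signatures.
KDBX_SIGNATURE = (0x9AA2D903, 0xB54BFB67)


def is_kdbx(path):
    """True if the file carries the KDBX header signature."""
    with open(path, "rb") as f:
        head = f.read(8)
    return len(head) == 8 and struct.unpack("<II", head) == KDBX_SIGNATURE


def sha256(path):
    """Hash the file contents; the database stays locked throughout."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def pull_from_cloud(cloud_copy, work_dir, backup_dir, keep=5):
    """Copy the locked database out of the synced folder to a local working
    copy, backing up the previous local copy first. Returns the local path."""
    cloud_copy, work_dir, backup_dir = Path(cloud_copy), Path(work_dir), Path(backup_dir)
    if not is_kdbx(cloud_copy):
        raise ValueError(f"{cloud_copy} is not a KDBX database (truncated sync?)")
    work_dir.mkdir(parents=True, exist_ok=True)
    backup_dir.mkdir(parents=True, exist_ok=True)
    local = work_dir / cloud_copy.name
    wanted = sha256(cloud_copy)
    if local.exists():
        if sha256(local) == wanted:
            return local  # already current, nothing to copy or back up
        # Factor 2: keep the previous version before overwriting it.
        shutil.copy2(local, backup_dir / f"{local.stem}-{time.time_ns()}{local.suffix}")
        backups = sorted(backup_dir.glob(f"{local.stem}-*{local.suffix}"))
        for old in backups[:max(0, len(backups) - keep)]:
            old.unlink()
    # Copy to a temporary name, verify, then swap in, so a failed copy
    # never replaces a good working database.
    tmp = local.with_name(local.name + ".part")
    shutil.copy2(cloud_copy, tmp)
    if sha256(tmp) != wanted:
        tmp.unlink()
        raise OSError("copy does not match the cloud file; try again")
    tmp.replace(local)
    return local
```

Point the password app at the returned local path rather than at the file inside the synced folder.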

 

There exist many derivatives of the app I recommend, but all of them are compatible with each other and work well. Therefore I suggest loading up the app store on each of your devices to see which rendition of KeePass your devices have in common, and installing an appropriate choice. If you have a Windows computer, it is likely to be your "home base", and I would recommend installing the original app located here:

https://keepass.info/

 

For what it's worth, my favorite Android app for KeePass is Keepass2Android.

 

Another very critical step that can be taken with regard to safe computing is adopting a system called two-factor authentication. A KB article on doing this will follow shortly. Stay tuned...