Online security is obviously an important issue and passwords are the first line of defence.
Recently the company I use to host this web site and my emails was hacked so I had to reset a large number of my passwords, just in case the hackers managed to get hold of any useful information. This made me think about what my passwords should be and where I should store them. I have been guilty of using the same, or similar, passwords for many different web sites, so that once someone knew one password they could have a good guess at some of the others. This meant that I had to have a way of coming up with unique and hard to guess passwords for each site.
To cut a long story short I have decided to use Passpack. Passpack is an online password manager that can generate random passwords and store them so that you can access them securely from any browser. This is handy if you travel a lot or use a number of different PCs. I did consider using a simple encrypted spreadsheet, or a PC based password manager, or storing some data on a USB memory stick but, IMHO, all of these have problems if you use multiple PCs or you lose your USB stick. Obviously you’ll need a userid and password to log on to Passpack so you’ll need to remember these all on your own. Passpack also uses an additional pass phrase so if someone gets hold of your password then they will still need to know the pass phrase. Don’t write them on the same Post-It note! The session uses https so all the data is encrypted over the internet.
I have now used it to generate and store new passwords for all my key web sites. It has a handy feature where you can add a button on to your toolbar so that when you go to the logon page for one of the sites stored on Passpack you can press the button and it will automatically log you in. It can’t log you in to web sites that use multiple passwords or PIN numbers spread over multiple pages, such as banking web sites, but you can use it to store all the information so that you can refer to it when you need to.
I’ve been using it for a few days now and it seems to do the job.
If you don’t want to use an online password manager then you could just do something relatively simple like using an encrypted spreadsheet and back it up on to a USB stick that you can carry around with you. My USB stick has the PortableApps application installed on it. This allows you to install and run other applications directly from the USB stick on any PC (assuming it runs Windows). You can install OpenOffice on your PC and on the USB stick and then use the Calc (Spreadsheet) app to create an encrypted spreadsheet (save the file with a password) that you keep a copy of on the stick. Just make sure that you have multiple copies of the spreadsheet and that you keep them in sync. You could also keep a copy of the spreadsheet on one of the many online storage options available now. Microsoft will give you 25Gb for free using their SkyDrive offering. Use your Hotmail ID to log in. Skydrive explorer allows you to view the online storage as if it was an extra disk on your PC.
OK, I think that’s enough about passwords for now.