In today’s era of identity theft and the need for personal privacy protection, having a good method of maintaining password security is required. Of course, there has long been the assumption that you are ‘protected by anonymity’, where you simply work on the belief that there are so many other users out there that you are safe because they’ll just never encounter you. That might be likely if it was just a human doing it, but increasingly, cracking programs that scan multiple users are using more sophisticated methods.
Even a program using a ‘dictionary attack’ (trying every word in a dictionary as your password) can be used to try to gain access to your account. This, and even more robust methods, makes it necessary to use a different password for each site and to make sure that those passwords are not easy to guess.
What your password is protecting may be relevant. The password for your bank’s website or your web email is probably more important to you than, say, your MySpace or Twitter account. Use protection as you see fit, but don’t assume that just because a website isn’t important to you will mean that it will be ignored by someone else.
Of course, you have a number of options available to help you. First, any good password will use at least two or three of the following four types of characters: lower-case, upper-case, numbers, and symbols. Better still is to use all four types. Also, the longer the password, the more secure it will be. At the very least, use upper and lower case letters if you decide to make your password just a word or phrase. The problem here is that trying to memorize a very cryptic password such as 25Tm*_hN(@_1ok~49 is just not going to happen, despite the fact that no one else is likely to guess it. The problem is, neither are you.
Second, you can make your password an acronym. For instance, what if you liked the phrase: “We the people, in order to form a more perfect union”? This is actually a good, long password, but admittedly, it is perhaps longer than you might want to type in each time if you visit the website that uses it. Consider taking the first letter of each word: “Wtp,iotfampu”. Notice the capital letter in there as well as the comma. With this password, we’re using three of the four types. It is a very good start for a properly mixed password. It would be relatively easy to remember because you’re remembering the full phrase, not just the acronym.
Third, you should have a different password for each website. True, you could create a different one for each, but an easier trick is to have a base password (such as the “Wtp,iotfampu” from above and add to it something like the domain that will change for each website.
For instance, at the Yahoo website, the password would be “Yahoo- Wtp,iotfampu” or at the MySpace website, the password would be “Myspace-Wtp,iotfampu” and at the Digg website, it would be “Digg- Wtp,iotfampu”. In each case, you get a long password that is unique for each site and all you have to remember is just the same, base core part of the password by just keeping that favorite phrase in mind and prefacing the password with the domain name.
But of course, we have so much going on in each of our lives that sometimes we don’t want to have to remember that when being online. At this point, our desire is to just hand the problem over to another program on our computer that will remember them for us.
To that end, lets look at some of the programs out there that you can use. If you are using the same computer to surf the web, then any of them will be a good start. However, if you will be at different computers, than you’ll want some kind of program that can run off of a flash- or thumb-drive that you insert into a USB port.
In all cases, the program will give you the option to remember a master password that will give you access to all the others. Ideally, the program will automatically interact with the web browser you are using in order to offer to fill in the appropriate user name and password at the domain you are logging in to. So here they are:
This is a very nice and powerful Open-Source password program, which means it supports multiple platforms. For instance, there are versions for Windows, Mac, and Linux.
This password manager is available for use as a standalone app with Windows, Mac OSX, Linux, and as a free plugin for FireFox Portable. It can create strong passwords. You can log into your favorite sites with a single click. You can fill in forms in a second. You can access and manage your data from multiple computers seamlessly.
Clipperz is an anonymous online password manager. Nothing to download and install. Local encryption within the browser guarantees that no one except you can read your data. Clipperz has a password manager, and an online vault in the cloud for any kind of sensitive data.
This browser has a built-in password manager feature. You don’t have to use a master password for it, but it can make maintaining your password database more secure.
Sxipper is a Firefox extension that saves you time by keeping track of an unlimited number of usernames and passwords as well as the personal data you share every day over the web. It can be used to fill in forms, and manage Open IDs as well as manage passwords. You can use it to create separate identities and it can even use Firefox’s own password manager for storing your passwords.
Password Hasher (Free)
This is a Firefox extension that can create strong passwords for you. It can use one master key to generate multiple passwords.
RoboForm (Shareware and Limited Free use)
This is a Windows-only program, but it can run on various mobile phones, too. It integrates very well with Internet Explorer and can work in Firefox, as well.
This if for the Mac only. It can enter online usernames and passwords so you don't need to remember them. It has a Strong Password Generator that can create and automatically fill-in passwords. Plus, it has built-in Anti-Phishing and Keylogger Protection. You can also take your protected information with you on your iPhone, iPod touch, or Palm.