Keeping Your Passwords Safe
There is a famous xkcd comic about passwords.
Although there is merit to its message, with the number of passwords one
has to remember these days, this strategy is infeasible.
1 Password Manager
A more scalable solution to the password problem is using a password
manager.
1.1 Benefits
The benefits a password manager offers fall into the following
categories:
- Store passwords. It is not uncommon to need a lot of
passwords. Reusing passwords is frowned upon, because one known
password would then provide access to multiple sites. So you need a
different password for each site, and each one needs to be
recalled. A password manager has no problem holding hundreds
of passwords.
- Securely store passwords. Having passwords is one thing, but you
would not want your passwords to be exposed. Writing them down on
a piece of paper offers adversaries an opportunity to learn your
passwords. So a password manager needs to store your passwords securely.
- Generate strong passwords. Humans are ill-equipped to come up with
strong passwords. Again, computers have no problem generating a
seemingly endless stream of (pseudo-)random numbers.
2 Usage
We will discuss KeePassX, although other password managers work in a
similar fashion. I use KeePassX because it is available for a lot of
different platforms.
When you start the program you are greeted with the
following screen. It is not very useful because there are no
passwords yet.
You first need to create a database. In order to keep your passwords
safe it is best to provide both a master password and a master key
file. This way someone needs two things: something you know, i.e. the
master password, and something you have, the master key file. Store
the master key file on a thumb drive to make it portable. You will
still have to remember the master password.
Once you have created a database you need to store it
somewhere. Because you want to use it on different devices it is best
if the file is automatically synchronized. I use Dropbox, but other
file synchronization providers can be used as well.
Now that we have password database synchronization it is time to add
passwords. Password entries can be provided with a lot of
information, e.g. the URL for the entry, the username and
an expiration date.
Most important is the password. Password managers can generate
passwords for you. This allows for very strong passwords that are
very hard to guess or crack. There are a lot of options to pick, but
again choosing a long password with a lot of entropy is best.
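To make the trade-off between generator options and length concrete, the following added example (not part of KeePassX or of the original post) draws passwords from the operating system's CSPRNG and computes how many bits of entropy a given length and character pool provide. The class names and the symbol set are assumptions chosen for this illustration.

```python
import math
import secrets
import string

# Character classes similar to the checkboxes a password manager's generator
# offers (names and symbol set are this example's own, not KeePassX's).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": "!#$%&()*+,-./:;<=>?@[]^_{}~",
}


def build_pool(classes):
    """Return the de-duplicated character pool for the chosen classes."""
    pool = sorted(set("".join(CLASSES[name] for name in classes)))
    if not pool:
        raise ValueError("select at least one character class")
    return pool


def entropy_bits(length, pool_size):
    """Entropy of a password whose characters are drawn uniformly at random."""
    return length * math.log2(pool_size)


def length_for_bits(target_bits, pool_size):
    """Shortest length that reaches target_bits with the given pool size."""
    return math.ceil(target_bits / math.log2(pool_size))


def generate_password(length, classes=("lower", "upper", "digits", "symbols")):
    """Draw every character independently from the OS CSPRNG via `secrets`."""
    pool = build_pool(classes)
    return "".join(secrets.choice(pool) for _ in range(length))


if __name__ == "__main__":
    options = (("digits",), ("lower",), ("lower", "upper", "digits"),
               ("lower", "upper", "digits", "symbols"))
    for classes in options:
        n = len(build_pool(classes))
        print(f"{'+'.join(classes):28} pool={n:3} "
              f"20 chars = {entropy_bits(20, n):5.1f} bits; "
              f"128 bits needs {length_for_bits(128, n)} chars")
    print("sample:", generate_password(24))
```

Each extra character adds log2(pool size) bits, so increasing the length raises entropy faster than enabling one more character class.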
When the entry is created you can use it. The program copies the
username and password to the clipboard so they can easily be provided
when needed. When you close the program, it also wipes the clipboard so
it will not be accidentally exposed.
3 Conclusion
Using a password manager allows for more passwords, and more secure
ones. By synchronizing the password database it is usable on a
number of different platforms, keeping a user safe from password theft.