Keyword Vaults for More Security
Almost everyone on the Internet uses multiple online resources that each require passwords. Creating and remembering various passwords can be inconvenient at best, particularly if security policies require minimum lengths, special characters, and the absence of common words. In general, the more secure your passwords, the harder they are to remember. Ema9$ne@;P2 is much harder to remember than MyDogSpot.
Password vaults are software applications that provide secure storage for passwords and related information. Access to the data requires entry of a single password (optionally a key disk), effectively making it possible for you only need one single password to gain access to all of your resources. By shifting your memory requirements to the password vault, it allows you to create much more secure login credentials for things like your network, your bank, your email, etc.
If you use a password vault, it is critically important that the password you use to access it is secure since, in effect, it is the key to all of the other information. This means that your password(s) should be at least 8 characters long, use a variety of symbols (letters, numbers, and punctuation), and avoid easy to guess information like words in the dictionary, your address, etc.
Isn’t there an inherent risk in storing login information for multiple resources in one location? Yes. However, a password vault makes it easy to create and use stronger passwords for all of your logins, thus your overall security may be much greater since individual account logins may be much more secure.
While I cannot vouch for its security, I like KeePass for a number of reasons:
- It’s open source. In addition to the nice fact that it’s free, this also means that many smart people have looked at its security, and also that an active development community would theoretically jump on any problems.
- It generates strong passwords for you with any combination of allowable characters.
- You can store lots of other information in it as well as usernames and passwords.
- Credentials can be organized into any number and depth of categories.
- It provides double-click copying of usernames and passwords onto the clipboard for pasting into whatever login screen you need, thus eliminating typing errors.
If you have experience with similar tools, I would love to read your comments.