The hard-copy approach to password management
However, I give props to Apple and other sites that enforce strict password-creation policies, as well as to network managers who do the same. Efforts are underway to address the strong-password conundrum. As CNET contributor Lance Whitney described in post last week, Microsoft is working toimprove the password-management capabilities of Windows 8 and Internet Explorer 10.
An alternative method leverages something nearby. For example, there may be a product near your workstation that has a prominent model or serial number, or a book within view of your seat has an ISBN number on the back cover. Rather than using the exact number, add or subtract two or three numbers or letters, so 1158748562 becomes 3370960784, or BCGA1339 becomes DEIC3551.
Of course, the bad guys pay close attention to this information and will attempt to incorporate the approaches in their password-cracking efforts. The key is to get creative in altering something youve already memorized, such as song lyrics, mily members first names, or place names from your past.
How to master the art of passwords pc scanner,Web services and network managers nearly always require a minimum degree of password difficulty to prevent standard password-cracking techniques from guessing them quickly. Were also cautioned not to reuse the same passphrases on different sites and are routinely blocked from recycling the passwords weve used previously.
The obvious downside of the approach is that someone will find the taped to the bottom of your keyboard or tucked into your wallet and access your private data before youre able to take preventive measures. Or you may simply lose the and have to do the recover-password-by-e-mail two-step for each network and service you need to access.
For many people, the best way to protect their data and identity is tHow to master the art of passwords pc scannero use a password manager, which either stores your passwords in the cloud or on a local drive--often a USB thumb drive or other portable storage device. The obvious risk is that the vendors server is hacked or you lose the drive that stores your passwords.
Likewise, computer expert Bruce Schneier reiterated on hisSchneier on Securityblog the advice of Microsoft executive Jesper Johansson torecord your passwords on to encourage use of strong passwords.
Passwords are a way of life for nearly everybody who uses any kind of software. No viable alternative is imminent: fingerprint readers, retina scanners, voice identification, and USB tokens all have limitations. Nothing is as and inexpensive as an old-shioned string of keystrokes.
Your three options are to use a password-management program, to write your passwords down on (or record them in an encrypted text file), or to devise a method for memorizing hard-to-guess passphrases. While no single technique is right for everyone, heres why I suggest the memorization approach.
The wetware approach to password storage is still the safest
LastPass is available as aFirefox add-onand as an extension forInternet Explorer, Chrome, and other browsers. The version formobile devicescosts $1 per month.
If you forgo the password-manager route, your options are to write your passphrases down or to memorize them. Whenever you record your passwords on --even if you record only a mnemonic that reminds you of the actual characters--youve made your accounts a little more susceptible to unauthorized access.
Other password managers work without storing your passwords on a Web server. The Tech Support Alert site recently compared severalfree password-management programs, including LastPass, RoboForm, and KeePass.
That hasnt stopped computer experts from recommpc scannerending that users jot down their passwords and keep the in a secure location. Gunter Ollman, a researcher for security firm Damballa, concludes thatrecording your passwords on is the lesser of several password evils; more risky is using the same password at multiple sites, setting your software to remember passwords, iling to change passwords frequently, using an easy-to-guess password, and reusing past passwords.
Considering the number of times PC users sign into a service or network each day, we may need to remember a half-dozen hard-to-guess passwords, not to mention the various sign-in IDs we use along with the passwords (full name or first initial-last name? Case sensitive? An e-mail address?). Many computer professionals need access to dozens of secure systems, which stretches the limits of anyones memory.
The only problem Ive encountered with my own password-mnemonic creation is that some vendors require a mix of upper and lower case letters and numbers. I have become resigned to having to go through Apples Forgot your password? e-mail routine about every other week.
As you might have guessed,Mr. Schneiers 2005 post recommending that you write down your passwordsgenerated quite a few comments to the contrary. Most of the commenters suggested their own technique for remembering strong passwords.
Dennis OReillyDennis OReilly has covered PCs and other technologies in print and online since 1985. Along with more than a decade as editor for Ziff-Davis Computer Select, Dennis edited PC Worlds award-winning Heres How section for more than seven years. He is a member of the CNET blog Network, and is not an employee of CNET.
Last May, theLastPass password-management service reported a breachthat may have exposed users passwords, although LastPass CEO Joe Siegrist stated that people who used strong master passwords were not threatened.
This is doubly upsetting because my system uses from 12 to 16 random alphabetic characters (found in no dictionary and following no discernible pattern). As theHow Secure Is My Passwordsite indicates, the all-text, all-lower-case password I devised would take much more effort to crack than an eight-character password that meets Apples requirements.
Only time will tell whether PC users will ever be able to securely store their sign-in credentials in their systems software or on a services Web server. For most people, the safest approach to passwords is to rely only on their own personal gray matter. Lets hope a secure alternative to passwords arrives before our memories give out.
.mad_center text-align:center .mad_center div, .mad_center table, .mad_center iframe, .mad_center a img margin-left: auto; margin- auto
The pros and cons of password managers
Check the strength of your passwords at the How Secure Is My Password site, which indicates how difficult your password is to crack, and whether it&39;s on the site&39;s common-password list.
