Unless I’m mistaken and you don’t use the Internet much at all, YOU NEED a password manager. Here’s the gist.
KeePass is free, open-source, cross-platform, light-weight password management program for Windows. If you aren’t using Windows but rather have a Mac, iPhone or Android OS unofficial versions of the program exist for pretty much any device or operating system out there.
KeePass works from one master “database file” which stores all your “secret information” in it. The database file is secure and encrypted. You can’t (or anyone for that matter) open your database file unless you enter your master password you set up the program with. You remember ONE password only, ever, and then you have access to all your stored passwords and information. Easy. One master file. One password. That’s it.
It gets even better.
Because the database file that stores everything is secure and encrypted, it doesn’t matter who gets access to your database file. That’s right… you could accidentally send out your master database file to a thousand people in an email and it wouldn’t matter. No one could view the contents without knowing your password to get into the file. The advantage here is three-fold: 1) you could leave your database file on your computer desktop for you easy access and no one open it; 2) if someone gets unauthorized to your computer, network, email, files or device they can’t open your database file; and 3) you can email your database file to yourself, store it on a USB key, copy it to a second hard drive, stick it in the cloud, whatever, and you’ll have an instant backup that no one else can access.
I use Gmail, which is an email service available anywhere in the world provided you have Internet access. About once a month I email my KeePass database file to myself at my Gmail address. That way even if my whole computer system at home crashes, or if the whole house burns to the ground, I’ll simply login to my Gmail and get my up-to-date database file. In the meantime should my email become compromised no one can open the file anyway even if they have a copy of it.
And better still: KeePass has a built-in password generator.
When you go to add a new entry in KeePass (Edit/Add Entry in the menu) you give your entry a title which is often the website name or account you are signing up for, fill in your desired username, and when it comes time to choosing a password for this entry you can click the “password generator” icon which opens another screen helping you configure a tough-to-break password. I say “configure” because the password generator screen allows you to choose how long your password is and what kind of special characters may or may not be included in the password. From there you can click the “Generate” button as much as you like until you are happy with your choice. Click the Accept button when you’re happy. See graphics below.
Because you’re still here reading this you are likely new to the “password manager game”. You now have to get your head around the fact that none of your passwords will be easy for you to remember, or for anyone to break. Often times when new to this way of storing/generating passwords your eyes see the completely crazy password suggestion by the program like “en:7S^&!u7^ktH*;W!`R8b” and you think “I’ll never be able to remember THAT!”. Well that’s the point. You won’t remember it. And no one can ever guess it. Your into the land of strong passwords now. All of your passwords once using KeePass will be awesome un-guessable passwords. You only ever need to know your ONE main master password to get into KeePass which then gives you access to all of you nonsensical passwords.
Read the usage tip below to see why you will never have to type out any of these twisted, tangled and nasty looking stored passwords.
That’s it. You’re good to go!
If you’d like a download tip, usage tip, and bonus tip keep reading.
Downloading: When downloading KeePass there are a few options. Nothing difficult but I’ll point you in the right direction as this might be your first time. On the KeePass download page there look to be 4 options for the program download—those 4 green boxes. You want the top left box under Classic Edition. Download the program and run it to install KeePass. If you have experience with KeePass and you want to run KeePass as a stand alone app rather than installing it, then you can download their portable version underneath their main installer option.
Usage tip: OK. You’ve been adding entries in KeePass for sometime now and are happy your passwords are now tough and secure. Fine. But are they easy to access and use? It might not seem so at first, but here’s what to do: Anytime you need to enter one of your saved username and passwords, open KeePass with your master password, then just double-click the username or password field to have it loaded to your clipboard for a quick copy and paste.
That’s right!—when confronted by a website for your username and password, with KeePass open you can just double-click the username field in KeePass and it copies the info to your clipboard where you can just right-click and paste it into the website field asking for that info. Same with your password. This makes “getting in” very quick regardless of how long or nasty your password might be. Double-click and paste it in. Done.
Bonus Tip: With each entry there is a text area field called “Notes” where you can store all kinds of information. I’ve created entries for all of the important cards in my wallet; Credit Cards, SIN card, etc. and stored all their relevant numbers on the front and back of the cards, but also the phone numbers to call should one day my wallet go missing. Combine this with my Gmail back-up tip and no matter where I am in the world (with or without my wallet) I can download my KeePass file, open it with the program, and have access to all my stored passwords and as well all of the important info I’ve stored from my wallet.
“If you adopt just one security tool this year, make it KeePass.” – Erez Zukerman, PC World
Aside: There are likely many password manager programs to choose from but I’m recommending KeePass today because it’s the one I use and have experience with. I’ve been using it for a few years now and was reasonably shocked today when I looked and found I hadn’t mentioned yet here on my blog.
Links:
KeePass official site
KeePass download page
KeePass on Wikipedia
Erez Zuukerman’s blog post review of KeePass