With passwords proliferating like tribbles, I’ve had to upgrade from my two previous methods of managing my accounts.
The first method was the easiest: I had two passwords, an easy one and a complicated one. If the site was important I used the complicated one. If the site wasn’t important I used the easy one. Well… that started to seem like less and less of a good idea pretty much as soon as I started online banking and getting work passwords that mattered and stuff. So.
The second method worked for a long time: I had several passwords written down in a fairly secure online place that was itself password protected, and then I had an easy password that I used for all my “I wonder what del.icio.us is” experimentation online. That started seeming less and less good after several of the sites with the easy password got hacked multiple times and the hackers stole their databases of user passwords. Multiple times. And then I’d have to go through these millions of little sites changing a bunch of passwords all day. That got to be a less and less appealing way of spending a few hours. So.
Now I’m using an encrypted password manager. Here’s the setup. KeePassX (the Mac version of KeePass) on each of my computers and KyPass installed on my iPod Touch, each of these is directed to look at the KeePass database that’s stored in Dropbox (and the file made available offline on my iPod Touch).
Hopefully this solution lasts me for a while.
What people are saying over on FriendFeed about this post...
I use 1Password for these exact reasons. I have far too many passwords to remember & yet keeping them unique is a very valuable protection. 1Password comes with browser add-ons for Firefox, Chrome, & Safari which are super convenient. It also generates random passwords. The only downside is it’s costly (they make you pay for each new OS, so I paid $50 for OS X but it’s not on my Windows machine at work or iPod Touch) & while I can sync it over Dropbox, I’ve found using it on other computers to be somewhat clumsy. If I knew about KeePass I probably would’ve went with that.
The KeePass / Dropbox route is pretty much exactly how I went – though I’d add that there is a portable apps version of KeePass for windows – I have a small selection of core portable apps installed on my dropbox account so that they show up on every (windows) computer I use on a regular basis – makes the password thing pretty painless.
Huh. I never thought to run it off of a mobile app in Dropbox. Live and learn.
Pingback: Whither Said Account? – Hedgehog Librarian
I’ve been using LastPass for the past year or so. It’s great for both storing passwords across browsers/platforms, but also generating secure passwords. I have both personal and work stuff in it, and believe me, I have plenty of the latter, what with each publisher/platform having their own admin login.