Stored Password Security

An enormous number of people set their web browser, e-mail client, and other software, to store their login details. Then, they leave the computer unattended for maybe hours at a time, often without locking the workstation first. I surely do not need to spell out how this could affect security.

Personally, I don’t store any passwords on the computer. This does mean I have to remember them all, but I have a good memory, so that isn’t a problem.

But what about those of you struggling to remember the one or two passwords to log into the computer in the first place? You don’t want to have to remember 20 passwords, all for different websites.

Well, I’d like to advocate those programs which store all of your passwords, encrypted, and require a single password for access. Choose that password wisely. Don’t use any password you use elsewhere, make it as long and complex as you are able to remember, and make it hard to guess.

These programs differ from storing your passwords in, for example, Firefox because you must enter a password to access the password store in the first place. Once you’ve done this, you can easily obtain the login data for any website you visit, and if you’re leaving the computer for a while, lock the password store before you go. You don’t have to lock the entire workstation, or remember a screensaver password on top of all the others.

Software like this exists for a reason. While it may not be the ideal solution (which would be to remember the passwords yourself, or to set up systems which use other authentication mechanisms, such as public-key based SSH logins), it forms an interim response to weakened security due to “password manager” features in browsers, e-mail clients, instant messaging systems and so on.

10,800+

free

Signup Now!

Article By Bryce Whitty
Bryce Whitty is a Professional Computer Technician who started his business when he was 17 year old. Bryce writes Technibble articles about Business How-to's and stories from "the trenches".

Other Articles by Bryce Whitty

Alden says:

June 16th, 2007 at 2:12 am

This is especially good advice considering the recent tool of the week System Information
http://www.technibble.com/repair-tool-of-the-week-system-information/

This program will display passwords stored in the browser in plain text. Cool, but dangerous, eh?

Dovell Bonnett says:

June 16th, 2007 at 3:06 pm

Hello Bryce,

I agree with your comments in your recent article “Stored Password Security” but I would like you to take a look at our product Power LogOn. As the CEO of the company of I know the product to be fantastic. What makes our product so unique is that is stores your passwords to log onto a computer, network, web sites, and password protected data files form Quicken, Word, Excel, and hundreds of others. And when you remove your smartcard no passwords are ever left behind. Thus offering secure portability.

Because we use a smartcard all the data is safe from hackers, viruses, key loggers, spyware, etc.

Because of all the capabilities of Power LogOn, please check out our site a http://www.access-smart.com to learn more. I am also always interested in product reviews by the media so if you need an evaluation kit please let me know.

All the best
Dovell Bonnett
Founder and CEO
Access Smart

Carmelo Lisciotto says:

June 17th, 2007 at 9:48 am

Definitely good advice.

Carmelo Lisciotto

fitness says:

June 19th, 2007 at 5:20 am

I wish applications allowed longer then 5-12 characters. Looking forward to the day when we can use phrases.

Laziness will overcome people then as well, as everyone will just revert to a “MyYahooPassword” or “EmailPassword123″ eventually.

jaquwann says:

February 25th, 2008 at 12:28 am