It is really difficult to keep all those passwords in your head - email, various forums, groups, support sites, PayPal, Amazon, online bank account access, and many more. Had the passwords been constant, things would be simpler - but many websites (rightfully) demand a password change from time to time, which makes remembering them even harder.
So it seems there are two options. One is to keep all passwords trivial, reuse the same password on many sites and hope for the best - which means a breach of any one site hands the attacker the rest. The other is to use good passwords, and vary them enough that the important places (PayPal, email, bank, etc.) each get a distinct one. To make this feasible, one needs either an amazing memory or a tool such as a password organizer. So this week, having gotten yet another password-change request from my online trading account, I decided enough is enough and downloaded KeePass.
Passwords are a sensitive and tricky business, so it was vital for me to use an open-source program. Public scrutiny is very important in such cases, as backdoors are much harder to plant (and much harder to hide) when anyone can read the code. KeePass is an open-source program written in C++, available for Windows with ports to other platforms, and it looks very professional. It encrypts the password database with AES (or Twofish) using a 256-bit key, and derives that key from a "master password" via SHA-256. The master password is the single password that unlocks all the others - so this one had better be strong, which isn't too hard as it's the only one you have to remember. It also has a nice trick to make protection better: after the SHA-256 hash is computed, the result is encrypted N times with AES (the "key transformation rounds") before it is used, so every guess an attacker makes costs N AES operations instead of one hash. Raising N slows the legitimate user down by the same factor, so the practical choice is the largest N that still unlocks the database in an acceptable time on your own machine.
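As an added example, and not code from this post or from KeePass itself, the Go program below implements the key-strengthening scheme just described: SHA-256 of the master password, then N AES-256 encryptions of that hash under a random 32-byte transform seed, then a final SHA-256. The seed size, the use of AES in ECB mode over the two 16-byte halves of the hash, and the final hash are modelled on KeePass's key transformation as I understand it, but the exact byte layout of a real KeePass database is an assumption here, not a reproduction of the file format. The point it shows is how the round count multiplies the cost of each guess.

```go
package main

import (
	"crypto/aes"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"time"
)

// TransformKey models KeePass-style key strengthening:
//  1. hash the master password with SHA-256 (32 bytes)
//  2. encrypt those 32 bytes `rounds` times with AES-256 in ECB mode
//     (two independent 16-byte blocks) under the random transform seed
//  3. hash the result once more with SHA-256
//
// The transform seed is stored unencrypted in the database header, so it
// adds no secrecy; its only job is to make the N rounds specific to this
// database, so an attacker cannot precompute the work once for all users.
func TransformKey(password []byte, transformSeed [32]byte, rounds uint64) ([32]byte, error) {
	block, err := aes.NewCipher(transformSeed[:])
	if err != nil {
		return [32]byte{}, err
	}
	key := sha256.Sum256(password)
	for i := uint64(0); i < rounds; i++ {
		// In-place ECB over the two halves of the hash.
		block.Encrypt(key[:16], key[:16])
		block.Encrypt(key[16:], key[16:])
	}
	return sha256.Sum256(key[:]), nil
}

// FinalKey mixes the transformed key with a per-database master seed to
// produce the actual AES-256 key used for the database payload.
func FinalKey(masterSeed []byte, transformed [32]byte) [32]byte {
	buf := make([]byte, 0, len(masterSeed)+32)
	buf = append(buf, masterSeed...)
	buf = append(buf, transformed[:]...)
	return sha256.Sum256(buf)
}

// CostPerGuess measures how long one password guess takes at the given
// round count; an attacker trying 10^9 candidates pays this 10^9 times.
func CostPerGuess(transformSeed [32]byte, rounds uint64) time.Duration {
	start := time.Now()
	_, _ = TransformKey([]byte("not the real password"), transformSeed, rounds)
	return time.Since(start)
}

func main() {
	// Hypothetical database header values, generated here for the demo.
	var transformSeed [32]byte
	masterSeed := make([]byte, 16)
	if _, err := rand.Read(transformSeed[:]); err != nil {
		panic(err)
	}
	if _, err := rand.Read(masterSeed); err != nil {
		panic(err)
	}

	password := []byte("correct horse battery staple") // constructed sample
	for _, rounds := range []uint64{1, 6000, 600000} {
		transformed, err := TransformKey(password, transformSeed, rounds)
		if err != nil {
			panic(err)
		}
		key := FinalKey(masterSeed, transformed)
		fmt.Printf("rounds=%-7d key=%x... cost/guess=%v\n",
			rounds, key[:4], CostPerGuess(transformSeed, rounds))
	}
}
```

Running it prints the derived key prefix and the per-guess cost for a few round counts; the key changes with the round count, and the cost grows linearly with it, which is exactly the slowdown an offline brute-force attacker has to absorb for every candidate password.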