I travel a lot and often worry both about password security on my work/personal pc and when using public pcs. Want to be able to securely share passwords across my machines as well as have a way to log in on public machines without running the risk of keyloggers and other potential problems. Recently found out about a service that combines the strength and control of locally encryption – so the service doesn’t have access to my passwords – using a hash – and the ease of use of a web-based application – Lastpass.com. I think they are in beta but early comments i’ve read have been positive – so I think they may be onto something at lastpass, any one else heard of them/used them – http://www.lastpass.com

There’s also a great post on how pattern recognition might be the key to secure and easy-to-remember passwords at
http://www.pcis.com/web/vvblog.nsf/dx/would-you-give-me-your-password-for-a-candy?opendocument&comments#anc1

You may take a look at ManageEngine Password Manager Pro. It is an Enterprise Password Management solution and offers clear segregation between enterprise passwords and personal passwords.

Enterprise passwords can be shared by the owners with others. Personal passwords remain purely personal – the way you want.

The product offers free edition too. For more info: http://www.passwordmanagerpro.com

Bala

When a lightning surge took out my PC several weeks ago I decided to jump over to an iMac (and I’m very happy with that decision). Being a user of Roboform and ewallet on the PC, I needed similar apps for the Mac. After looking around I decided on 1Password. It was able to import both my eWallet and Roboform data. It also was able to export all this information into iPhone as Safari bookmarks (encrypted and secure). Soon they will be releasing an iPhone native app.

It’s a great solution for Mac OS X users. A great purchase.

I use Phatnotes on both PC and Pocket PC and protect notes which contain sensitive data including passwords with the same master password. Pretty rare to be looking for more than one set of details at a time. Works well for me.

I use SPB Wallet on my PPC. Works well and ensures that I always have my passwords with me since I’m never without my phone.

My HP 2710P has a fingerprint reader but I’m not sure it is much of a time-saver. Why doesn’t James Bond have to swipe his finger multiple times to enter those secret labs?

I cast another vote for KeePass! It has been my “catch all” for passwords, URL’s, personal info, etc. I have it shared via Foldershare between my work laptop and home based PC. A copy also stays on my USB drive.

My passwords come in 2 parts: a “root” password that remains the same combined with a pre- or postfix that depends on the site/application of interest.

I spent quite a bit of time generating a secure “root” password as follows:
- think of a good passphrase
- make it into a password by taking the initials of each word
- obfuscate it with l33t and gut-feeling.

This approach has served me extremely well. I only need to remember my original passphrase and the simple algorythm I use to append a pre- and postfix! Even if someone found out one of my passwords it would be useless since no 2 passwords are the same, even though they are built from the same root!

Encrypted Excel file containing passwords. All important passwords are salted, so they’re all different. By remembering the salting algorithm, I don’t have to look them up very often.

I actually love the RoboForm software myself. I use it all of the time and it takes all of the menial everyday tasks that I have to perform on my computer daily and shortens them extremely! What once took me fifteen minutes to complete now takes me only one second because RoboForm does the same task with just one click. In fact I wrote a Report about a lot of RoboForm’s capabilities for use that aren’t even touched on in the User’s Manual for RoboForm. You can get that Report here:

http://www.booksbonkers.com/TheRoboFormReport!1.html

Sometimes this link gets broken and puts you on a 404 error page. If that happens, then just copy and paste the above link in a new web browser page.

RSPM (really simple password management):
Use the same password for everything. Make sure it is genuinely random, contains both letters and numerals, and has at least 8 characters (you’ll remember it because you use it for everything). Don’t write it down anywhere and don’t tell it to anyone. Change it at least once per year; twice is more secure (but harder to do). That’s it.

Where I live we don’t even have to lock our doors or close the windows, why would I need a password if my PC is here?
Seriously though, I have an SD card hidden behind a picture frame which has a Word file that’s password protected! I’ve also started using an encrypted folder on my OQO. The problem is remembering to keep them synchronised. Think I’ll take a look at this Keepass thingy.

I have eWallet on my Q9 phone, but I really love the way that 1Password works on Safari, Firefox and Camino on the Mac – it feels more integrated than eWallet ever did on Windows. And I have a my.1password account now, too, so I can look them up online when I need to borrow another machine.

I’m also using keepass.
http://keepass.info/

It supports a wide range of os and it is possible to use your file over webdav. So i keep my keepass repo in my sharepoint mysite which sync with outlook 2007. thats the way i’m having a offline copy, but most time i’m online using a umts device.

Maybee you give it a try… is free.

Ciao Marco