
Something that affects all of us in both our business and personal lives is password security. As we do more and more online, especially in the payments space, we have to remember an increasing number of passwords. It seems like every week there is another website security breach (and I always wonder about the ones we don’t hear about!) which makes it vital to keep everything unique. You really don’t want that password from a hacked shopping site letting a malefactor get access to your corporate servers, your bank account or even your Facebook profile – it’s not going to end well.
Managing all these IDs and passwords is a huge challenge and the only way to do it in a secure manner is via an encrypted database app.
What surprises me is that more businesses don’t mandate the storage of passwords securely.
Employees are told to keep them secret but how? Relying on human memory is a risky strategy and the result is employees using the same password across multiple applications and quite possibly putting them on Post-it notes!
I’ve been using 1Password across my iPhone, iPad and Mac for a while now, and last week AgileBits released their new version for the Mac – 1Password 4. This is a significant upgrade involving a complete rewrite of the code and adding both a new look and new functionality. The app has many great features, including prompts to save new passwords when you enter them on websites, a mini mode that sits in the Mac menu bar, browser extensions and my favourite: the Security Audit.
The Security Audit (see below) shows you which of your passwords are weak, which are duplicates and which are old enough to merit changing. This analysis is vital in understanding where the weaknesses are in your password inventory.
This quote from the 1Password website sums it up:
Why 1Password? Because your mother’s maiden name and your dog’s birthday haven’t cut it as a password for a long, long time.
Because reusing passwords has never been a good idea.
Because “secure” and “convenient” never worked together in a sentence until we built 1Password.
1Password supports iOS, OS X, Windows and Android, although you’ll have to wait a little longer for new versions for Windows and Android.
If you do one thing to improve your password security it should be to download an encrypted password storage app and I would suggest it should be 1Password.
You can follow Jonathan on Twitter at [@sevendotzero]
Thanks for the comments. Keeping your master password safe is clearly key. Good entropy plus remembering it and maybe sharing it with one key person are good strategies.
Absolutely agree with the despair that companies don’t provide or enforce any form of tool for password management. I find it astounding.
Inevitably people will have their own favourites for any genre of application they use and it will usually be as much a religious debate about which is the best. My preference here is for KeePass, primarily because it’s open source so you can see the code to ensure there are no backdoors and also because it’s free! The database access can be controlled through a master password or a keyfile, or both, and the auto-type feature uses “Two-Channel Auto-Type Obfuscation” rendering keyloggers and clipboard spies useless. However, everyone to their own which suits best.
Hi Jonathan,
I agree. Pretty much everywhere you go online you need to register and create a password. I’m all mac’d up these days and use eWallet which not only syncs across iPhone, iPad and Mac but also allows you to securely login to any website in a managed wrapper window. Only need one password now. But what happens if that is compromised?
Cheers
Mark