Custom Search

Do you manage your username and password wisely?

A few years back I used MS Excel to manage all my usernames and passwords. I thought I would just need to remember one password to open the Excel workbook and I would get all the information I needed. The idea was good but not secure enough.

One day I came across an Excel Cracking program that used dictionary attack and worked out my hard-to-guess Excel password in just a few hours. I was shocked and immediately started to search for a more secure way to safeguard my passwords.

Password Safe to the rescue

I ended up using Password Safe (Open Source freeware) from for a little over one year, so I had pretty good experience about how password managers work at the time.

Why do you need a password manager?

How many passwords and usernames do you have to keep track of? I know I have hundreds. I'm not an ordinary Joe type of Internet user, but if you think out of the box, the amount of information you want to securely manage is still not trivial - Email account logins, credit card details, online banking login, bank account numbers, tax file number, software installation keys, website logins, important memos, and so on.

That's right. Password manager is not just for storing passwords. Any information that are private, sensitive, or you think should be secured can be saved to password manager. Anytime when you note down something on a piece of paper or scratch pad, or save something in a document on your computer, think if you should save the information in password manager.

Password managers allow you to save your usernames, passwords, and any related information and you only need to remember one master password to open the password manager program. In addition to securing your passwords, some features make your life easier such as auto-type, auto-login, password generator, etc.

Two concerns

I was pretty happy with Password Safe until one day I was told that some keylogger programs could record your clipboard activities (it is called clipboard spies) and take screenshots of your computer activities. I realized that using Password Safe would not protect me from these two dreadful spy activities.

Clipboard is a software program that is used for short-term storage of data in computer memory (buffer) as it is transferred between documents or applications, via copy and paste operations. It is most commonly a part of a GUI environment and is usually implemented as an anonymous, temporary block of memory that can be accessed from most or all programs within the environment. -- Wikipedia

I was worried about Password Safe for two reasons.

I use Hotmail to illustrate and assume you have opened Password Safe.

  • To log into Hotmail, we open Hotmail's login page.
  • Right clicking the password entry and save it to clipboard.
  • Paste password to Hotmail's password field. Do the same for username.

During the above process, my password copied to clipboard can be recorded by clipboard spies. The spies could be installed silently when you access malicious websites or manually installed if anyone can access your PC without your notice.

I was also concerned about screenshot spies. I normally store my master password in text file and copy/paste it to open Password Safe. At all times I always try to avoid any typing of passwords. This is because keyloggers are more common spy program than clipboard spies.

Assume I don't have clipboard spies on my PC, but what if the screenshots of my PC activities being taken? I would lose master password easily because the screenshot of the text file I used could be captured.

Finally I switched to KeePass

I knew for quite some time that there was another good open source password manager on SourceForge. It is called KeePass. I downloaded KeePass and happily discovered it had the following two features that could effectively solve all my concerns.

  • Enhanced clipboard method: allow pasting only once.
  • Master password and key combination to open KeePass.

I exported all my Password Safe entries to a text file and then imported them into KeePass and now KeePass is a must-use program for me on daily basis.

Never lose or forget your master password

If you forget your master password which is used to open KeePass, all information stored in KeePass database are lost. There is no backdoor to KeePass that can be explored to recover your master password or other passwords stored in it.

I will introduce you to KeePass and reveal some of the unique features and their practical uses.


Related Articles:

1.Choose Good Passwords That You Can't Remember
2.What is index.dat file and how your internet privacy is affected
3.What is keylogger and the differences between software and hardware keylogger
4.Protect Your Computer On the Internet For Free with Six Simple but Essential Steps
5.Introduce Free Password Manager - Password Safe

Other Recent Articles from the Safe Computing category:

1.Choose Good Passwords That You Can't Remember
2.Protect files and folders with file container
3.A MD5 checksum file generated by freeware FileCheckMD5
4.How to check data integrity for copying files / folders and CD burning
5.What is checksum and how to calculate and use checksum values to verify data and file integrity
6.What is index.dat file and how your internet privacy is affected
7.What is keylogger and the differences between software and hardware keylogger
8.Protect Your Computer On the Internet For Free with Six Simple but Essential Steps
9.Introduce Free Password Manager - KeePass
10.Introduce Free Password Manager - Password Safe

Copyright © 2017 All Rights Reserved.

This website is hosted by HostGator.

No portion may be reproduced without my written permission. Software and hardware names mentioned on this site are registered trademarks of their respective companies. Should any right be infringed, it is totally unintentional. Drop me an email and I will promptly and gladly rectify it.

Home | Feedback | Terms of Use | Privacy Policy