Monday, April 11, 2016

Keep your passwords very safe and sound



Keep your passwords very safe and sound

Living in these times of mass surveillance and monitoring, it is scary to think how much of ourselves and our data are susceptible to inspection and interception. One of the ways we attempt to keep the doors locked on our online activities is through passwords. Even if you live a relatively blameless life, you’ll still be wary of hackers stealing your bank savings or governments peeping into your private life, and thus need strong passwords and help remembering them. Enter password managers.

But using such software just brings us back in a full circle: Who has access to the information you store in your password manager? In these times of Echelon and Prism, the question is enough to give you sleepless nights. Thus, choosing the right password manager and understanding how it works is imperative. If you really want to keep your passwords private, make sure you have control over them and no one else. Here are a few password managers that allow you to do that.

Encrytr

This is a cloud-based password service. Now, I know what you’re thinking—‘Cloud-based, huh? So the company can take a peek at my passwords any time they wanted, or hand it over to governments in the name of “national security”?’ Well, no, because Encryptr belongs to SpiderOak, provider of zero-knowledge cloud services: ‘Zero Knowledge means we know nothing about the encrypted data you store on our servers…. Nothing leaves your computer until after it is encrypted and is never decrypted until it is unlocked with your password on your computer.’ The keys required to decrypt your password are with you, not on the server, with the provider. The password is never transmitted to their servers, and without it, it is impossible for SpiderOak or any third party to decrypt your data. It is available for Windows, Mac OS and Linux, as well as for Android and iOS.

Password Safe

While it won’t be winning any design awards, this open source application does its job well. It helps you create an encrypted, secure database that holds all your username/password lists. The database is secured with a master password that you choose, and you can save as many username/password combinations as you want. Passwords may be copied to the clipboard and pasted into browsers (the clipboard is securely erased when you exit Password Safe). It is available for Windows, but there is a Mac port, as well as Android and iOS versions. Of course, you have to remember your master password; there is no recovery mechanism as it would be a security risk. (You could also check out KeyPass, a similar password manager, which also allows you to generate a keyfile for extra security.)

Master Password

Master Password uses an inventive password-generation algorithm that generates passwords from your name, your master password and the site name. Passwords are generated on-demand, thus, nothing is stored or saved—and, therefore, nothing to intercept or hack into. There is slight preparation involved if you use it —that is, you’ll have to change all the passwords on sites you use to the ones generated by Master Password. No vaults or syncs are needed as the software can generate your passwords (or PINs) as and when needed. Of course, if you want, you can save your own passwords in it too. It is free software, based on extensively documented algorithms,and there are no external parties involved with your passwords’ safekeeping. It is available for Windows, Mac OS, iOS, Android, as well as a command line (Terminal) version, Java and a beta browser version.

This basically means that you now have NO excuse for not having good passwords.

Source | Financial Chronicle | 12 April 2016

Regards

Pralhad Jadhav
Senior Manager @ Library
Khaitan & Co

Upcoming Event | National Conference on Future Librarianship: Innovation for Excellence (NCFL 2016) during April 22-23, 2016.

Note | If anybody use these post for forwarding in any social media coverage or covering in the Newsletter please give due credit to those who are taking efforts for the same.

1 comment: