How to Manage Your Username and Password The Easy and Secure Way

Have been an Internet user for more than 9 years, I have 100's of logins and passwords to keep. I'm paranoid. I'm now even more paranoid after I joined YMMSS because I use online payment systems on weekly basis if not daily.

I used to use Microsoft Excel to manage my usernames, passwords, and other registration information, both online and offline. Excel is not safe because there are programs to crack password protected Excel workbooks and I even cracked the spreadsheet and VBA source code password for one of my old Excel financial models I developed. Today I still use Excel to store some personal information but I only save the Excel file on my another PC that is not connected to Internet.

In my article "6 Essential Steps to Protect Your Computer On the Internet", I highly recommended the award winning RoboForm. Free version of RoboForm (http://www.roboform.com) does come with limitations such as 10 Passcards only. If you don't want to buy the Pro version (costs $29.99 as of my writing), there is an easy-to-use freeware (see below) you can download right now and manage unlimited usernames and passwords.

Download freeware Password Safe from SourceForge.net - the Open Source community.

https://sourceforge.net/projects/passwordsafe/

Here are some great features of Password Safe:

- No installation is required. Simply download and double click the pwsafe.exe file.

- Easy portable. Just copy and paste the EXE file and .dat database file to any disks. Be aware that when you open Password Safe in the other disk, you need to specify the database file location (the .dat file).

- One master password unlocks an entire password database that can contain all your other passwords.

- Grouping. Usernames and passwords can be grouped into different categories you define, eg. Email Address, Payment, etc. You are in total control.

- Strong, random password generation.

- Copy username and password to clipboard so that you don't have to type them. Always keep in mind that you should never type any username and password.

- Browse to URL. With one click, the URL related to your username and password can be opened in your default web browser. Another save on typing.

- You can create more than one password database (but you have to memorize more than one master password. Not recommended.)

Here are some tips of using Password Safe (version 2.04) and managing password in general.

Tip #1 - Always create a strong master password (Safe Combination as used in the software).

Strong password should meet the following criteria:

- At least 8 characters long to prevent cracking. The longer the better.

- The password should contain lowercase, uppercase, numeric, and any other characters that are available on keyboard.

- Ideally you should not use any meaningful words or numbers in the password. Totally random password is the best.

Tip #2 - Let PasswordSafe generate random password for you.

To generate random password:

- Click the menu item Edit.

- Select Add Entry (or use corresponding icon button).

- When the dialogue window opens, on the right hand side, you can see a Random Password Generate button. Click it, a random password will be automatically inserted in the Password field.

The generated random password is constructed according to the password policy defined in Password Safe. You can modify the default policy.

- Click the menu item Manage. - In the dropdown menu, click Options. - Click the Password Policy tab. - Change the policy based on the strong password criteria stated above.

Some sites only allow alphanumeric passwords so make sure you select the appropriate check boxes when this is the case.

Tip #3 - Very Important: Never type your master password when open PasswordSafe.

Keylogger spyware can record keystrokes.

How can you enter master password without typing? I do this.

Step 1: Open a Notepad file (.txt).

Step 2: Copy and paste an article from any Internet website to this .txt file.

Step 3: Select characters from this article and copy, paste to form your master password.

Tip #4 - Very Important: Never lose your master password.

I memorize my master password. In addition, I also physically write it down to a hand written study material that has my previous uni works. Among the 1,000's of words, I placed my 22 characters master password in two different pages in encrypted format that can let me derive my master password.

Tip #5 - Categorize username and password.

When you add a new entry, you need to specify Group, Title, Username, Password, and Notes. The entries that share the same Group name will be gathered together automatically.

One Group can contain another Group as its sub Group. For example, I have Email Address group which contains three sub-groups as Friend, Work, Family.

Tip #6 - For security reasons, always use Copy Username to Clipboard and Copy Password to Clipboard.

Remember, never type username and password on a web form. This is how to do it.

- Highlight an entry.

- Right click mouse.

- In the pop-up menu, select Copy Username to Clipboard or Copy Password to Clipboard

- Go to your login form, paste the username or password.

You can use mouse to do copy and paste. If you prefer short-cut keys, this is how.

Copy: Ctrl+C Paste: Ctrl+V

Tip #7 - Use "Browse to URL" rather than typing URL in browser address bar.

When you enter a new entry or edit an existing one, you can enter a URL (must start with http://) at the first line in the Notes field. You can save website login page's URL in this field. When you need to open a login page in browser, right click the entry and click Browse to URL in the pop-up menu. Then the login page will be opened in your default web browser automatically.

Tip #8 - Don't forget to backup your password database file.

Use the Make Backup menu item to save a second copy of your password file.

Tip #9 - Store your backups in a different offline computer or location.

This is a widely used backup strategy.

Tip #10 - Use the Notes field to store as many information as you want. Very handy for memo.

If you don't have two computers, you need to use other storage media to save a second copy of your backup file and version them by date (easy to track back). Other storage media can be zip drive, thumb drive, floppy disk, CD, etc.

Off site backups are also important. Don't overlook this. You lose all your data if you lose both your computer and your other storage media all together for any reason.

Many companies provide online storage services for a fee. You can store any digital files (you should password protect these files first) on their secure servers. Search Google and you will find a lot.

I have two computers. One is used to surf net and it does not have any sensitive info stored on it. Another one is for my development work (not connected to Internet) and it has my backup files. I also store my backups in a thumb drive and CDs sometimes.

The author, Jerry Yu, is an experienced internet marketer and web developer. He is a proud member of YMMSS. Visit his site Get Paid Full Time Income By Reading Ads Online - YMMSS for FREE "how-to" step-by-step action guide to kick start a successful online business, tips, knowledge base articles, and more.

---

How to Protect Your Child from the Internet

When the Internet first came about, it was realized it... Read More

Phishing, Fraudulent, and Malicious Websites

Whether we like it or not, we are all living... Read More

Dont Fall Victim to Internet Fraud-10 Tips for Safer Surfing

The Internet offers a global marketplace for consumers and businesses.... Read More

IPv6 - Next Step In IP Security

IPv6, IntroductionThe high rate at wich the internet continualy evolves... Read More

The 5 Critical Steps to Protecting Your Computer on the Internet

Spyware, viruses and worms... oh my!If you are connected to... Read More

Is Your Music Player Spying On You?

In today's times spyware is a very serious issue and... Read More

What to Look for before You Purchase Spyware Software

Huge number of spyware software applications are available in the... Read More

Avoiding Scams: If It Sounds Too Good to Be True, It Probably Is

A week or so ago, I received an inquiry from... Read More

Burning Bridges is Bad, But Firewalls are Good

When you signed up for that ultra-fast DSL or Cable... Read More

How To Clean the Spies In Your Computer?

Manual Spy Bot Removal > BookedSpaceBookedSpace is an Internet Explorer... Read More

Phishing - Identity Theft & Credit Card Fraud

What is Phishing? Phishing is a relatively newly coined term... Read More

New CipherSend Online Security Service Thwarts Email Address Theft And Soothes Password Fatigue

In 1997, I decided after 15 years as a practicing... Read More

Hacked: Who Else Is Using Your Computer?

A friend called me one day and asked if I... Read More

Parental Control - Dangers To Your Child Online & Internet Child Safety Tips

Did you know...? 1 in 5 children who use computer... Read More

Five Excellent Indie Encryption And Security Solutions You Have Not Heard About

Geek SuperheroGeek Superhero watches your computer for changes, immediately notifying... Read More

Dont Get Hacked - A Guide to Protecting Your Business from Thieves

You've seen it in the news - 40 million credit... Read More

Phishing-Based Scams: A Couple of New Ones

Phishing in its "classic" variant is relatively well-known. Actually, 43.4... Read More

7 Ways to Spot a PayPal Scam E-Mail

Paypal is a great site and is used by many... Read More

What Can Be Done About Spyware And Adware

Having a good Spyware eliminator on your computer is vital... Read More

Internet/Network Security

Abstract Homogeneous symmetries and congestion control have garnered limited interest... Read More

The Important Steps To Protect Your Kids on the Internet

Internet is the ocean of knowledge. In this ocean you... Read More

Another Fine Mess!

I'm in the Anti-Spyware business, and I'm doing a lot... Read More

Viruses and Worms, Protection from Disaster

Virus damage estimated at $55 billion in 2003. "SINGAPORE -... Read More

Be Alert! Others Can Catch Your Money Easily!

So called phishers try to catch the information about the... Read More

Make Money Online - Latest Scam Disclosed

Before we start, I want to make it clear that... Read More

Beware of Imitations! Security, Internet Scams, and the African Real Estate Agenda

Fishing on the Internet has come a long way. However,... Read More

Cybercriminals Trick: Targeted Trojan-Containing Emails

Threats we ordinary Web users face online leave us no... Read More

Phishing: An Interesting Twist On A Common Scam

After Two Security Assessments I Must Be Secure, Right? ... Read More

Virus Prevention 101

Blaster, Welchia, Sobig, W32, Backdoor, Trojan, Melissa, Klez, Worm, Loveletter,... Read More

Internet Shopping - How Safe Is It?

Millions of people make purchases online, but many people are... Read More

Free Antivirus Security Software: Download Now to Eliminate Spyware, Pop Up Ads, etc.

Adware. Spyware. Pesky pop up ads. Internet congestion. Computer malfunctions... Read More

Preventing Online Identity Theft

Identity theft is one of the most common criminal acts... Read More

Wells Fargo Report Phishing Scam

First off I should explain what phishing is. Phishing is... Read More