OPEN APP
Home >News >Business Of Life >Managing your passwords

OTHERS :

The instant you see a sign-up button, some of your brain cells die. Gone, never to return. In this age of information overload, the last thing you need to cram into that memory of yours is another username and password combo for yet another website.

Experience and good online etiquette have taught us not to use one blanket password for all websites, because it leaves not only that account but your entire online identity vulnerable to attack. What’s the way out?

Broadly you can use two methods—a cloud-based password manager software or a pen drive-based one. When you start hitting the “Forgot password" link too often you’ll see sense in opting for either of these methods.

Using cloud-based services

LastPass

View Full Image
LastPass creates unique passwords for each website you visit

Before creating your LastPass account, download their local installer on your Mac, Linux or Windows PC and then start the sign-up process. Once you finish with it, install the browser extension of your choice, and log in to LastPass’ browser extension.

From here, if you want to save the login credentials of an existing account on a website, simply visit its URL, click on the LastPass extension on your browser’s extension bar, and enter the legitimate login details for the website yourself in the “Fill" form drop-down. Alternatively, if you don’t have a login for the particular page, you can ask LastPass to generate one (defining the character limit yourself), and saving it for good. Either way, every time you revisit the page, you can enter your login details with just a click. Just look for the asterisk LastPass highlighter in the data fields, hinting that LastPass is ready to enter data at your command.

1Password

This is a paid password management service, very similar to LastPass. It’s better designed than LastPass and aimed primarily at Mac users (although now the service is cross-platform, supporting the Android, Windows and iOS platforms).

It works the same way as KeePass, for example, where immediately after installing the program on your machine, you have to assign a save location to its database file—an encrypted file which safely stores all the logins and passwords generated through 1Password directly on your PC or Mac. This database file can be synced easily using services like Dropbox, Box.com or Google Drive in case you want to keep using 1Password through multiple devices, either at work or home. Just ensure that the master password you set for accessing the database file is long, strong and difficult to guess, as this will also be the password you enter into 1Password’s browser extension.

The next step is obviously to open the 1Password vault and install a browser plug-in of your choice. While logging into the browser plug-in of 1Password, you’ll have to enter the same master password you used to encrypt your database file with. Once you get past the login section of the browser plug-in, you’ll identify it with a key icon on your browser’s taskbar.

Whenever you enter the username and password for a new website, 1Password gives you a visual cue at the top of the browser page on whether you want to save the login credentials in your database. If you click yes, the credentials are synced with 1Password’s program and database file immediately.

The tool also supports the creation of multiple password vaults to share with family members or co-workers. Create extra vaults, copy items to them, and just click share. This is for now a Mac-only feature, but it’s slated to arrive on other platforms soon.

KeePass

This is a free, lightweight, robust, open source and cross-platform password management utility that does not offer all the features offered by LastPass or 1Password, but it covers all the bases effectively to make it a lucrative tool to use. You can put all your passwords in one database, which is locked with one master key or key file. So you only have to remember one master password or select the key file to unlock the whole database.

It’s largely similar to 1Password, but because it’s open source, KeePass isn’t as easy to use as other applications straight after downloading and takes some getting used to. It’s built for Windows, so it involves getting your hands dirty with add-ons if you want it to run on anything else.

But therein lies its unique appeal. You exert complete control over every aspect of the tool and your experience, which is not a claim that 1Password or LastPass can entirely make. Once you create a master password and link it to a database file (.kdbx), and use the same password to log in through a browser plug-in (like chromeIPass), you effectively follow the exact same process as 1Password’s to fill in passwords while visiting websites.

And remember to always keep the database synced, using cloud-syncing services, to have the database file at hand whenever you need it. As long as you don’t lose this file or forget its master password, you’ll always have access to your passwords and logins—even if this file is stolen or falls into the wrong hands, the effectiveness of its master password and its encrypted nature will ensure that no one can ever decipher your passwords.

Using a pen drive

Services like KeePass and 1Password can be used in conjunction with a hardware key—like a USB pen drive—to fundamentally alter how you memorize and save passwords in your head or on a database file. A company called Yubico is in the business of making USB keys—these are nothing but on-ground, hardware one-time-password generators and authenticators. Using a Yubico USB password key lets you “hold" a password (much like a door key) and relieves you of the burden of “thinking" up of a password to store. It’s an important distinction that one must understand.

A $25 (around 1,500) Yubico key (or YubiKey) works much like a standard door key for your password vault in 1Password or KeePass, and both utilities recognize and support the device. YubiKeys operate in two modes: static and one-time password. In static password mode, YubiKeys can enter a very strong password to pair with your 1Password or KeePass login (without the need for Internet too).

There’s a catch here: You will have to ensure you do not lose the YubiKey, as long as you need to keep using KeePass and 1Password’s DB file made with YubiKey’s hardware authentication.

Content powered by ThinkDigit.

Subscribe to Mint Newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.

Never miss a story! Stay connected and informed with Mint. Download our App Now!!

Close
×
Edit Profile
My ReadsRedeem a Gift CardLogout