Password Managers

Password managers are programs used to store your user accounts, passwords, and any secret text. Instead of remembering the passwords you use for your individual accounts, you only have to remember one password which is the one used to encrypt and decrypt or access your password manager.

I have been using KeePass as my password manager. KeePass is multi-platform and open source with a simple and clean interface. It supports exporting and importing data, auto-fill, and security measures like timed clipboard clearing when after a password is copied. It also creates periodical backups both internal to the database and externally as a file. Password changes are also recorded in the history. KeePass includes a rating bar to show how strong your passwords are. To increase its strength, you can actually use an image file as your secondary key, and perhaps upload this photo somewhere.

There are some convenient services like LastPass and PassPack which synchronize and store your encrypted password databases to their servers. Compared to KeePass, these online services require a completely different security models, because these involve transmission of the database and coupling with the web browsers. Perhaps we can consider using them for online accounts like forum sites and other general social networking sites, but not for banking yet. These services need to release their programs' source code first and have a third-party group verify their processes.

Never use a single password for all your Internet accounts!