Who needs a password manager anyway?
In this modern era, more and more critical information is stored behind passwords. Access to your money, your private conversations, pictures, grades, and more… increasingly almost every aspect of your life is locked using only a few letters and numbers. How do you secure all this information, on so many sites, and keep it from getting into the wrong hands?
One thing you never want to do is use the same password all over the place, or you could end up like this tech “expert”. But how are you supposed to keep track of them all? Saving them in your browser is less than ideal. Writing them down can be disastrous. Memorizing all your passwords becomes increasingly complex as you increase the number of accounts you maintain. Oh, and you’re supposed to change them regularly? Suddenly the task is next to impossible.
What you need is a way to manage all your passwords, while keeping them safe from prying eyes yet available to you without fear of losing them.
Two technologies work together to make this possible: cloud storage and a good password manager.
Below, I will be using Dropbox as cloud storage, but other viable options would be Box, Google Drive, or Apple’s iCloud. Using cloud storage has the benefit of keeping your password database mirrored and current on all your devices. Further, it serves as an always current off-site backup should some disaster happen to all your devices at the same time.
KeePass 2 is a Free, Open Source (GPL) program that will run almost anywhere: Windows 98, 98SE, ME, 2000, XP, 2003, Vista, 7, 8, Mono (Linux, Mac OS X, BSD, …)
You can download KeePass 2 here. Don’t be put off by the fact that they refer to version 2 as the “Professional Version”… it is still free (and Free).
The first thing you want to do after installation is create a new database in your Dropbox folder:
This will prompt you for a new master password:
You will notice that you also have options for using a Keyfile or tying the database to your Windows account. While both of these can make the database technically even MORE unhackable, they have a significant downside: should you ever lose your keyfile, or are unable to access your Windows account, you will be locked out of your password database.
This master password is like the security guard with all the keys to the entire building, so you want to make it a good one. KeePass helps you out here by showing the “Estimated Quality” of your password as a type of progress bar. Note in the image below how “password” is just about the worst password you can make, while “my 2 FAVORITE SYMBOLS are $ and *” is pretty great:
My example of a great password has several things going for it:
- Length. The length of your password is of primary importance in making it difficult to crack
- Use of capitals, numbers, and symbols (and spaces)
- It is something I can commit to memory, or at least not have to open my wall safe every time I log into the computer
Technically, I could use non-dictionary words as well. You can see how thinking in terms of a “pass phrase” instead of a “password” is a good mindset.
Reviewing where we are now
Congratulations! You’ve taken an important step in securing your life online. You now have created an encrypted, secure password database that is stored in the cloud.
But how can we really put this database to work?
Up next we will discuss how to update and manage all your passwords, and finally how to configure add-ons that will automate logging in for you! [Link forthcoming]