Filed under: Security
Password management that doesn't suck - Ask DLS
So it took me about a decade, but I've finally reached the breaking point: I have too many usernames and passwords to remember. This came to a head today as I tried to log into a handful web sites to change some billing information and had to make multiple tries to get into half of them, even having to click on the dreaded "Forgot your password?" link once. Enough! There are dozens and dozens of programs out there designed just to solve this problem, but the trouble is figuring out which ones are crap and which ones are good. And that's where you come in, dear readers:What's the best password-management app for your money? Here are my criteria: Super easy to use, unobtrusive (keyboard access a big plus), works on Windows, works with Firefox, secure (duh), and fairly configurable. Also, as you know, I'm incredibly cheap, so free or very inexpensive are high on my list.
Can you help me out? Leave your recommendations in the comments below.
Get a WordPress.com Blog
With Halloween fast approaching, it's a great time to get in some practice defending your territory against zombies. In Graveyard Shift, you take aim at zombies and other creepy-crawlies, blasting them into splatters of cartoony green guts. It's a casual first-person shooter, and it's very easy to get the hang of - use the mouse to aim, click to fire. Graveyard Shift has at least 15 levels, and it might even have some secret stages I haven't unlocked yet.
They key to getting good at Graveyard Shift is learning to use ...
Reader Comments (Page 1 of 4)
FF said 12:50PM on 1-04-2007
Firefox has a built-in password manager, which works fine for me. Maybe it lacks some feature that you need -- you mention "fairly configurable" -- not sure what that means to you.
Reply
Nick said 1:29PM on 1-04-2007
I've had really good luck with KeyPass... SF open source.
Reply
Birdie Holsclaw said 1:06PM on 1-04-2007
I use eWallet by Ilium Software. They have a desktop version, plus a PDA version, which can be synchronized. Entry to the program is password protected, but I think individual password "cards" can also be protected.
I keep a copy on both my desktop and my laptop and synchronize those two with FolderShare. So my passwords are always with me, as well as husband's SS#, bank account #s, software registration #s, etc.
Reply
digirati82 said 2:38PM on 1-04-2007
Something simple like LockNote may fit the bill. Encrypted, no install.
http://locknote.steganos.com/
Reply
Robin said 1:22PM on 1-04-2007
KeePass is a very nice, user friendly program. It also boasts a security option requiring two means of authentication via a password, and a key that is on your USB flash drive.
http://keepass.info/
Reply
Eagle117 said 1:30PM on 1-04-2007
I second eWallet.
http://www.iliumsoft.com/site/ew/ewallet.htm
Reply
Dice1976 said 1:21PM on 1-04-2007
The are 3 very useful programs that I use for remembering passwords.
The first is Freeware! it is called KeyPass http://keepass.info/
The second I use and have been using more and more is called Code Wallet Pro from http://www.developerone.com/codewalletpro/windowspc.htm
And finally, the one that hooks wonderfully into your browser is called RoboForm www.roboform.com
I have been using code wallet & roboform from a USB key and it is perfect- I never have to remember anything anymore, just the 1 main password needed to access my information. Hope this helps.
Reply
aboutthisboy said 1:21PM on 1-04-2007
I too am fed up of forgetting passwords. I have been trialling RoboForm2Go (the portable version) and it's pretty comprehensive, I just don't want to shell out $39 for it! Looking forward to seeing some other people's suggestions.
Reply
Grgory Kieffer said 1:23PM on 1-04-2007
Roboform is definitely the best password manager. No other manager does nearly as good as this one! It actually works as a kind of bookmark manager as well, as it shows you a list of your stored passwords. I actually filled the name and email of this form with roboform
Reply
john said 1:21PM on 1-04-2007
I use PINs. It's easily made portable, and it uses the 448 bit Blowfish algorithm. I wouldn't trust anything else, and I've tried a handful, including those listed here. PINs comes out on top for ease of use, options, and encryption level.
Oh, yeah; it's FREE!
See here: http://www.mirekw.com/winfreeware/pins.html
Reply
Steve Goodwin said 2:18PM on 1-04-2007
RoboForm - been using it for years. About $29. There is also RoboForm2Go which allows you to keep the lot on a USB stick and plug it into any PC - works a treat.
Does form filling as well as remembering passwords. It is regularly updated and well supported.
http://www.roboform.com/
Reply
Orhan Karsligil said 1:34PM on 1-04-2007
Used to use Roboform, but it is not free even for personal use anymore. Tried many other options, but the ideal solution should remember passwords and form fields not only for browsers but also windows logins and applications, credit card information etc... Now trying Sticky Passwords (http://www.stickypassword.com/). Looks promising. It is not free but today you can get it for free from Giveawayoftheday website.
Reply
James Hare said 1:44PM on 1-04-2007
Well, Mac OS X has Keychain built in; however, it seems you want to be hobbled by Windows. I guess that's your choice.
Reply
Andre Tremblay said 1:46PM on 1-04-2007
I've been using Corral Password for more than 3 years now.
It is easy to use and FREE.
You can have different files for different users.
It supports encryption and automatic export (encrypted too) for backup.
You can create multiple groups but various reasons like Office Password and/or Personal Internet Password.
I even use it to track all my serial # for software like Microsoft and Games.
Also it is very light and again FREE.
Reply
Erik Anderson said 2:32PM on 1-04-2007
I'll add a third recommendation for KeePass. Simple, secure, cross-platform.
Reply
Sigemund said 3:14PM on 1-04-2007
I'm a big fan of Passwordmaker. It's an extension for Firefox (plus a few other variants). It just does a hash of the domain + a string (your "master password") to generate a unique password for each site. It's awesome, because you end up with a different password for each site, so if an attacker gets one password, it really isn't of any noteworthy value -- your passwords will be different for each site. Reversing from that password to your original string (even assuming the attacker knows the domain, which hash algorithm was used, etc.) wouldn't be a trivial matter, so you're pretty secure, all things considered. You can set your hash parameters (algorithm, number of characters, character set, etc.), create different profiles, etc. And since it's just a hash, your passwords are never stored anywhere -- you just re-generate each password when needed. It's not perfect -- a bit complicated if you aren't pretty well-familiar with this sort of stuff, but if you streamline it and clean up the settings to make it easier, it rules.
https://addons.mozilla.org/firefox/469/
http://passwordmaker.org/
Reply
Dan said 2:16PM on 1-04-2007
I'll ad another recommendation for KeePass. There is a toolbar for IE which is supposed to automatically fill in the password forms, but it is currently broken.
That being said, I still prefer KeyPass to just about any password manager out there (RoboForm is the other one I really like)
Reply
CbF87 said 1:54PM on 1-04-2007
KeyPass is the best product I've seen. If you don't mind doing a little scripting with its own script language, it will auto-populate any field or fields for you. Very handy.
Reply
Claus said 1:57PM on 1-04-2007
A vote again for KeePass.
It can be easily ported to flash media (USB sticks) so you can take it with you anywhere.
If you do that and want one more layer of security--just in case that USB stick wanders off... consider wrapping it in a TrueCrypt http://www.truecrypt.org/ (freeware Win/Linux) encrypted partition on your USB stick.
KeePass encrypts its password database file and makes it very easy to categorize your passwords.
Very difficult to beat!
The Portable Freeware site has a number of others worth looking into as well: Password Managers - http://www.portablefreeware.com/?c=10&sc=7
Reply
Vinny Carpenter said 2:02PM on 1-04-2007
I'll add another recommendation for KeePass. Free and open-source with encryption (AES and Twofish). Works really well and the auto-key feature is awesome. Plus it's cross platform and works on Windows, Linux, OSX and Mobile devices. I use it on my PC and PocketPC phone.
Reply