iVerify: Added security for iPhone and iPad users
I'm usually wary of security apps, but iVerify by Trail of Bits is different. It comes highly recommended and offers a lot of features in a small download. ...
If you have just one password for everything it's easy to remember, but we all know that isn't safe. So how do you keep track of a large number of them - and not have to worry about it?
Many applications provide strong encryption support for their files, and it may be a good option to store passwords in those files. Microsoft Office has long had such support, but prior to recent Office 2007, the encryption was crackable with reasonable effort. With current versions attackers have to use brute force or at least know something about the password.
There are also plenty of data formats with password support where the encryption is trivial to break. ZIP files are a good example. One way to research is to look at the feature set for PassWare, a set of professional password cracking tools. (Note that Passware can recover or remove passwords in encrypted Office documents instantly if run on a system with the document open.)
There are also some dedicated offline programs with local, secure password storage. One good example is Bruce Schneier's Password Safe.
Combined with cloud storage, like Dropbox, you can make your document-stored passwords accessible anywhere. You also have the option of storing the passwords on a USB drive, potentially a hardware-encrypted one.
You have one password to access the password store on the site. You really want to be careful about this password. It should be strong and you should use it nowhere else. On the other hand, you may need to enter it a lot, so consider all your devices and whether the password will, for instance, be unbearable on an iPhone.
Passwords in image courtesy Random.org Random Password Generator.
Caption by: Larry Seltzer
Join Discussion