How to Manage Your Username and Password The Easy and Secure Way

Have been an Internet user for more than 9 years, I have 100's of logins and passwords to keep. I'm paranoid. I'm now even more paranoid after I joined YMMSS because I use online payment systems on weekly basis if not daily.

I used to use Microsoft Excel to manage my usernames, passwords, and other registration information, both online and offline. Excel is not safe because there are programs to crack password protected Excel workbooks and I even cracked the spreadsheet and VBA source code password for one of my old Excel financial models I developed. Today I still use Excel to store some personal information but I only save the Excel file on my another PC that is not connected to Internet.

In my article "6 Essential Steps to Protect Your Computer On the Internet", I highly recommended the award winning RoboForm. Free version of RoboForm (http://www.roboform.com) does come with limitations such as 10 Passcards only. If you don't want to buy the Pro version (costs $29.99 as of my writing), there is an easy-to-use freeware (see below) you can download right now and manage unlimited usernames and passwords.

Download freeware Password Safe from SourceForge.net - the Open Source community.

https://sourceforge.net/projects/passwordsafe/

Here are some great features of Password Safe:

- No installation is required. Simply download and double click the pwsafe.exe file.

- Easy portable. Just copy and paste the EXE file and .dat database file to any disks. Be aware that when you open Password Safe in the other disk, you need to specify the database file location (the .dat file).

- One master password unlocks an entire password database that can contain all your other passwords.

- Grouping. Usernames and passwords can be grouped into different categories you define, eg. Email Address, Payment, etc. You are in total control.

- Strong, random password generation.

- Copy username and password to clipboard so that you don't have to type them. Always keep in mind that you should never type any username and password.

- Browse to URL. With one click, the URL related to your username and password can be opened in your default web browser. Another save on typing.

- You can create more than one password database (but you have to memorize more than one master password. Not recommended.)

Here are some tips of using Password Safe (version 2.04) and managing password in general.

Tip #1 - Always create a strong master password (Safe Combination as used in the software).

Strong password should meet the following criteria:

- At least 8 characters long to prevent cracking. The longer the better.

- The password should contain lowercase, uppercase, numeric, and any other characters that are available on keyboard.

- Ideally you should not use any meaningful words or numbers in the password. Totally random password is the best.

Tip #2 - Let PasswordSafe generate random password for you.

To generate random password:

- Click the menu item Edit.

- Select Add Entry (or use corresponding icon button).

- When the dialogue window opens, on the right hand side, you can see a Random Password Generate button. Click it, a random password will be automatically inserted in the Password field.

The generated random password is constructed according to the password policy defined in Password Safe. You can modify the default policy.

- Click the menu item Manage. - In the dropdown menu, click Options. - Click the Password Policy tab. - Change the policy based on the strong password criteria stated above.

Some sites only allow alphanumeric passwords so make sure you select the appropriate check boxes when this is the case.

Tip #3 - Very Important: Never type your master password when open PasswordSafe.

Keylogger spyware can record keystrokes.

How can you enter master password without typing? I do this.

Step 1: Open a Notepad file (.txt).

Step 2: Copy and paste an article from any Internet website to this .txt file.

Step 3: Select characters from this article and copy, paste to form your master password.

Tip #4 - Very Important: Never lose your master password.

I memorize my master password. In addition, I also physically write it down to a hand written study material that has my previous uni works. Among the 1,000's of words, I placed my 22 characters master password in two different pages in encrypted format that can let me derive my master password.

Tip #5 - Categorize username and password.

When you add a new entry, you need to specify Group, Title, Username, Password, and Notes. The entries that share the same Group name will be gathered together automatically.

One Group can contain another Group as its sub Group. For example, I have Email Address group which contains three sub-groups as Friend, Work, Family.

Tip #6 - For security reasons, always use Copy Username to Clipboard and Copy Password to Clipboard.

Remember, never type username and password on a web form. This is how to do it.

- Highlight an entry.

- Right click mouse.

- In the pop-up menu, select Copy Username to Clipboard or Copy Password to Clipboard

- Go to your login form, paste the username or password.

You can use mouse to do copy and paste. If you prefer short-cut keys, this is how.

Copy: Ctrl+C Paste: Ctrl+V

Tip #7 - Use "Browse to URL" rather than typing URL in browser address bar.

When you enter a new entry or edit an existing one, you can enter a URL (must start with http://) at the first line in the Notes field. You can save website login page's URL in this field. When you need to open a login page in browser, right click the entry and click Browse to URL in the pop-up menu. Then the login page will be opened in your default web browser automatically.

Tip #8 - Don't forget to backup your password database file.

Use the Make Backup menu item to save a second copy of your password file.

Tip #9 - Store your backups in a different offline computer or location.

This is a widely used backup strategy.

Tip #10 - Use the Notes field to store as many information as you want. Very handy for memo.

If you don't have two computers, you need to use other storage media to save a second copy of your backup file and version them by date (easy to track back). Other storage media can be zip drive, thumb drive, floppy disk, CD, etc.

Off site backups are also important. Don't overlook this. You lose all your data if you lose both your computer and your other storage media all together for any reason.

Many companies provide online storage services for a fee. You can store any digital files (you should password protect these files first) on their secure servers. Search Google and you will find a lot.

I have two computers. One is used to surf net and it does not have any sensitive info stored on it. Another one is for my development work (not connected to Internet) and it has my backup files. I also store my backups in a thumb drive and CDs sometimes.

The author, Jerry Yu, is an experienced internet marketer and web developer. He is a proud member of YMMSS. Visit his site Get Paid Full Time Income By Reading Ads Online - YMMSS for FREE "how-to" step-by-step action guide to kick start a successful online business, tips, knowledge base articles, and more.

In The News:


Forbes

Building A Strong Foundation: How Network Architecture Dictates IT Security
Forbes
Although IT security has emerged as a high-profile, headline-grabbing issue, the concept of securing data has traditionally been secondary at best. Developers are typically focused on other elements, such as design and functionality. As a result ...

and more »

NPR

Equifax Confirms Another 'Security Incident'
NPR
After the revelation that a cybersecurity breach at the international credit reporting agency Equifax exposed personal information of 143 million people, the company has confirmed an additional security incident with a payroll-related service in the ...
Equifax says it had a security breach earlier in the yearABC News
Equifax acknowledges a second security 'incident' happened in MarchCNBC
Equifax Execs Resign; Security Head, Mauldin, Was Music MajorNBCNews.com
TechCrunch -CNNMoney -Bloomberg -Bloomberg
all 1,836 news articles »

USA TODAY

The Early Edition: September 21, 2017
Just Security
The U.N. Security Council backed reforms to its peacekeeping missions yesterday, Vice President Mike Pence stating that the U.N. must be more efficient and effective. Alexandra Olson reports at the AP. U.N. Secretary General António Guterres opened the ...
At UN, Trump's 'me first' doctrine abandons Truman's postwar 'security for all'USA TODAY
Remarks by President Trump at the Reforming the United Nations: Management, Security, and Development MeetingThe White House (blog)

all 4,361 news articles »

Forbes

Alphabet's Nest Goes After The Boring (But Big) Home Security System Market
Forbes
Alphabet-owned Nest has launched a full-on assault on the home security services market. At a press conference in San Francisco Wednesday morning, the smart gadget company announced its first full-fledged security system, Nest Secure. Nest Secure's ...
Nest's home security system costs $499 and comes with magnetic ...The Verge
Nest launches a new $349 smart outdoor security cameraTechCrunch
Alphabet's Nest introduces new home security devices as CEO promises big increase in salesCNBC
Phys.Org -Gizmodo -Business Insider -Nest
all 116 news articles »

Tunisia must live up to promises to end impunity for security forces at UN Human Rights Council
Amnesty International
The use of torture in custody and human rights violations committed in the name of security and counterterrorism will continue unabated unless Tunisia lives up to the commitments it has made today at the UN Human Rights Council in Geneva, said Amnesty ...

and more »

Engadget

Knightscope's new security bot looks like a mini concept car
Engadget
Robot maker Knightscope has been in the news lately for all the wrong reasons. Its K5 security robot took a look at the harsh world and chose to throw itself into a fountain. And a different K5 robot was attacked and knocked over by a drunk guy. But ...

and more »

PBS NewsHour

White House refutes Erdogan's claim that Trump apologized for charges against security guards
PBS NewsHour
The White House on Wednesday refuted Turkish President Recep Tayyip Erdogan's claim that President Donald Trump apologized to him after the Department of Justice filed charges against members of Erdogan's security detail following a clash outside of ...
Turkish president: Trump apologized for indictment of security staff in brawlThe Guardian

all 221 news articles »

Washington Post

UC system will chip in at least $300000 to help Berkeley pay security costs for controversial speakers
Los Angeles Times
The University of California will chip in at least $300,000 to help UC Berkeley pay security costs for controversial speakers, an unprecedented step as criticism mounts over the financial toll the events are taking on the campus. “Free speech is not ...
UC President to Pay Half of Security Costs for Shapiro, YiannopoulosInside Higher Ed
'Substantial cost': University of California foots major security bill for free speechWashington Post

all 36 news articles »

National Review

For National Security!
National Review
Call it Cooke's Rule: Those losing the argument over a given domestic policy will eventually cry “necessity.” This morning, Matthew Olsen and Benjamin Hass provide a good example, arguing in Politico that “the Electoral College is a national security ...

and more »

10TV

Security robots used to help fight crime
10TV
The security bots use the same technology used at TSA security checkpoints to determine the size and shape of weapons. Creators are also working on audio detection to help security locate the scene of a crime. “The opposite of voice recognition, can ...

Google News

How Can Someone Get Private Information From My Computer?

From the "Ask Booster" column in the June 17, 2005... Read More

Virus Nightmare..Lessons Learned

I got a virus the other day, Thursday I believe... Read More

Online Shopping: 10 Tips For Safe Online Shopping

Have you ever bought a product or service from the... Read More

Instant Messaging ? Expressway for Identity Theft, Trojan Horses, Viruses, and Worms

Never before with Instant Messaging (IM) has a more vital... Read More

Identity Theft Offline -- So Many Possibilities

Chris Simpson, head of Scotland Yard's computer crime unit was... Read More

A New Era of Computer Security

Computer security for most can be described in 2 words,... Read More

File Sharing - What You Need to Know!

File sharing on p2p is soaring despite the music and... Read More

Why you Must Secure your Digital Product and Thank You Web Page

A couple of years back, I paid my dues the... Read More

Spyware ? Your Web Browser is the Culprit!

My first experience with a spyware BHO based infection was... Read More

Crack The Code - Thats A Direct Challenge

I Challenge You To Crack The Code ------------------------------------- I had... Read More

How to Protect Yourself Against Online Criminals

Credit card fraud is a growing problem for online businesses... Read More

Money Mule Email Scam Hits U.S.

Imagine this ? you open up your email box and... Read More

How To Prevent Spyware Attacking Your Computer

Spyware is software or hardware installed on a computer without... Read More

Personal Firewalls - Secure Your Computer

There has not been a time in the history of... Read More

Social Engineering - The Real E-Terrorism?

One evening, during the graveyard shift, an AOL technical support... Read More

Traditional Antivirus Programs Useless Against New Unidentified Viruses!

Every now and then you can read about a new... Read More

Phishing: A Scary Way of Life

The Federal Bureau of Investigation has identified "phishing" as the... Read More

Breaking Into Your PC: News...

You'd better learn news from media, not from emails, security... Read More

The Important Steps To Protect Your Kids on the Internet

Internet is the ocean of knowledge. In this ocean you... Read More

Another Fine Mess!

I'm in the Anti-Spyware business, and I'm doing a lot... Read More

Message Board Security Problems

Security leaks can be a big problem for any site... Read More

Its War I Tell You!

There are ways to insure security though. You can get... Read More

Computer Viruses and Other Nasties: How to Protect Your Computer from These Invaders

Can you protect your computer from all possible viruses and... Read More

Mail Forwarding - Why Would You Do It?

First of all we need to get some terms stated.... Read More

Web Browsing - Collected Information

You may not realize it, but as you are surfing... Read More