Most websites offering a web service require you to authenticate with an username and password. How many times in a week do you find yourself, scrambling to your email to find that registration email you received or hitting the ‘Forgot your password?’ link?
As a good ShanKri-la reader would do, you take good care of your crucial passwords like your bank account, credit card accounts, insurance accounts, etc. You don’t forget them. You don’t write on a paper and leave it lying at work. You don’t write it and keep it in your wallet in case it gets stolen. You REMEMBER them.
But, what about the other dozen or two username and passwords that you use to login to del.icio.us, MyBlogLog, BlogCatalog, New York Times, Flickr, Photobucket or such services? Do you remember them all? If you do, you probably haven’t changed them since 2002 or you use the same simple and easy to remember (easy to guess?) password for everyone of them.
Nothing wrong with that approach until you find out the password requirement for the site you are registering requires a number in it. Another site doesn’t allow a hyphen in the username. Soon, your quest to achieve nirvana in maintaining a standard username and password for all your web accounts is in shambles. Don’t worry, you are not alone! Help is on the way to you..
Few smart ways to manage these non-essential passwords
- Firefox Password Manager: If you are a Firefox user, you could use the built in password manager secured with a hard to guess master password. It is pretty secure and no one else can access it without the master password.
Downside: You either have to sync all your username/passwords across your different computers (leave a comment or use the contact form, if you’d like to learn how) or at the mercy of your memory if you are on someone else’s or a public computer.
- USB drive Password Managers: There are many solutions for this. KeePass is what I use and it is excellent at what it does and offers excellent password encryption options. [see this post at eJabs for more info]
Downside: If you rely on your USB drive, make regular backup of its content. (I use FileHamster to backup mine) If you lose it or forget it, the scramble starts again!
- Old school online password managers: I am leery using these services. If they offer to store your account information on their servers, say a big thank you and close the window and step away from your computer. Well, at least look elsewhere. If you have to, please don’t store any accounts with sensitive information like your credit cards, etc.
Downside: You might as well ask your neighbor or a colleague to have a list of these for you.
- New age online password managers: This is new to me and I just stumbled on it while reading a post by Tim at Daily Cup of Tech and was intrigued by the idea behind Clipperz. It is touted as a new breed of web applications – ‘zero knowledge’ web apps. (you probably guessed my obsession for web apps if you looked at the Category figures)
How it’s done: You create an account with a super sensitive super secure password. This is your encryption key. You enter your username and passwords and they get encrypted in your browser before it gets stored on their servers. So, they have no knowledge of what we stored but just a bunch of scrambled bits which only you can decrypt with the master password. Plus, you have access to it wherever you need it.
Downside: You are still storing your passwords on someone else’s servers, encrypted or not. There is debate for and against this and how secure this is. Obviously folks at Clipperz thinks so, as they confidently suggest storing credit card info, burglar alarm codes, software keys, etc.
I will hold-off doing just that, but have started using it for my non-essential passwords especially for their one-click ‘Direct Login’ feature. I already have 27 logins entered! With a full time job, blogging as a hobby takes a hit and I am always looking to be efficient in the web and Clipperz provides this to me with this one feature!
Watch out for a review of Clipperz in the next few days.
If you haven’t learnt anything new from this read, I hope to atleast make you think about how you manage your passwords. With the sheer number of them needed in our daily lives, it is easy to treat your bank account login and New York Times login with the same sense of security when it shouldn’t be the case.
Let us know how you manage your passwords? Do you treat your crucial and non-essential passwords different? If yes, let’s hear how.