If you are like most people, you have a default user name and password combination that:
- You can easily remember
- You use almost everywhere to log on to computers, networks and web sites.
You may also have a post-it note somewhere with user names and passwords that you cannot remember because they are different than your default combination.
Few people do what the experts recommend:
- Use "secure" passwords (long strings made up of upper and lower-case letters, numbers, and special characters).
- Use different passwords to access different networks, different services and different hosts.
- Change your secure passwords regularly.
Here is a solution that I designed to get me on the path of goodness and righteousness. I have been using it for a few weeks now, and I am prepared to recommend it to you. Here's how it works for me...
- I got a U3 USB flash drive which I keep on my key ring, so I always have it handy.
  - U3 allows a flash drive to store and, when plugged into any Windows PC, securely run applications -- without leaving a trace of data on the host computer. For more info, see http://www.u3.com/.
- I loaded KeePass on the U3 drive.
  - Download the Windows KeePass 1.06.U3P file from here: http://keepass.info/download.html.
  - Save it to your hard disk.
  - It saves as KeePass-1.06.zip. Rename it to KeePass-1.06.u3p.
  - Start the U3 Launchpad from the System Tray.
  - Select Add Programs, then Install from My Computer.
  - Browse to find KeePass-1.06.u3p.
  - Click Open and the Windows version of KeePass is installed in the Launchpad of the U3 USB flash drive.
- If you need access to your passwords and data on non-Windows platforms (Mac & Linux), like I do, download KeePassX from here: http://keepassx.sourceforge.net/downloads/.
  - I got the Application bundle (I need the Linux functionality only).
  - Save it to your hard disk, unpack it and copy the KeePassX folder/directory to the /media/usbdisk/ location (NOT the media/U3 System/ location).
  - To run KeePassX from the flash drive, navigate to the KeePassX folder and run the shell script.
- Create a new database and start changing your passwords!
  - Use KeePass (i.e., the Windows version) to initially create your password database. The default KeePass database categories were a little better for me than the default categories in KeePassX.
  - It doesn't matter which version of KeePass you use to create (or update) a database; the database interoperates with both KeePass and KeePassX.
  - Different web sites, hosts and services have different conventions regarding acceptable passwords -- the allowable character set (e.g., upper and lower-case letters, numbers, and special characters), password length and password complexity. Use the random password generator, setting it to be as long as allowed and using the largest character set allowed.
  - When adding user names and passwords for web sites, put in the URI for the https: login page, so you can jump from the database entry to the place where you will paste your new password.
    - This will save you having to drill down to the login page.
- Here are a couple of other recommendations:
  - Don't save your KeePass database to a USB flash drive only. You need to have a backup copy to protect yourself in case the drive is lost or broken.
    - Keep a copy of the database on the hard disk of your PC and remember to update the copy periodically.
  - I selectively let my home and office PCs remember user names and passwords, so I am not always having to go to my KeePass database.
    - The issues here are the probability of unauthorized access of those machines and the potential harm that could come from anyone accessing the sites/services as me.
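To see why the generator should be set to the maximum length and the largest character set a site allows, here is a small Python sketch. It is an added example, not KeePass's own generator; the character classes, function names and the two site policies are made up for illustration.

```python
import math
import secrets
import string

# Character classes a site policy may allow (hypothetical names for this example).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "special": "!@#$%^&*()-_=+[]{};:,.?",
}

def alphabet(allowed):
    """Concatenate the character classes a site accepts."""
    return "".join(CLASSES[name] for name in allowed)

def entropy_bits(length, allowed):
    """Upper bound for a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(len(alphabet(allowed)))

def generate(max_length, allowed):
    """Draw a password of the maximum allowed length from the full allowed alphabet.

    Uses the OS CSPRNG through `secrets`. Redraws until every allowed class
    appears, because many sites reject passwords that lack one of them; this
    costs a little entropy compared with the upper bound above.
    """
    if max_length < len(allowed):
        raise ValueError("policy too short to include every allowed class")
    chars = alphabet(allowed)
    while True:
        candidate = "".join(secrets.choice(chars) for _ in range(max_length))
        if all(any(c in CLASSES[name] for c in candidate) for name in allowed):
            return candidate

# Constructed sample policies, not taken from any real site.
POLICIES = {
    "legacy-bank": (8, ["lower", "upper", "digit"]),
    "webmail": (20, ["lower", "upper", "digit", "special"]),
}

if __name__ == "__main__":
    for site, (max_len, allowed) in POLICIES.items():
        pw = generate(max_len, allowed)
        bits = entropy_bits(max_len, allowed)
        print(f"{site}: {len(pw)} chars, about {bits:.0f} bits")
```

The 8-character, 62-symbol policy tops out near 48 bits, while the 20-character policy with specials reaches about 128 bits, so length and character set both matter.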
You are ready to go now. You can take your U3 USB flash drive to almost any Windows or Linux PC, plug it in and access your services, hosts and web sites safely and securely. All your passwords can now be random and highly secure. And you can change them frequently, like you are supposed to do.
Go forth in the path of goodness and righteousness!