Back to Courier Columns Page

KEEPING TRACK OF PASSWORDS
by Ray DeCosta


Q. I have user accounts at many different websites and I simply can't remember them all. I wrote my sign-in information into a word processor but I don't want to leave that information in an unsecure place. What can I do?

A. Given the complexity of passwords sometimes required by websites, it amazes me that anyone would even try to remember more than a few sets of sign-in information. Banks are often the prime offenders in having a tedious and two-step sign-in process. Some of this additional security is required by regulations and occasionally by the bank's own security department. There's not much you can do about this situation except go along with whatever requirements are in effect.

The best answer to your situation is to utilize a "password manager" which will handle password generation, storage and retrieval. There are two widely accepted free password managers available at the present time: KeePass and LastPass. They both have excellent reputations for security and both encrypt all your information.

The major difference between them is that KeePass stores your information on your computer while LastPass stores it in "the cloud." This latter method is not necessarily a problem and the use of cloud storage allows you to access your sign-in information from any computer. The two programs also function in slightly different manners and you should try both of them to see how they fit into your work flow. One is bound to be "better" for you than the other. They're both free, so there's no harm in seeing what each has to offer.

Any password manager can automatically create a password for you that will meet a particular set of criteria. We've all seen them: minimum password length, the use of upper and lower case or special characters, etc. Once you have your sign-in information generated and stored, your password manager will handle all the mechanics of entering your user name and password. As mentioned, the websites at banks are occasionally problematic for both KeePass and LastPass. These sites will sometimes require a bit of tweaking to get the sign-in procedure just right.

Published: Courier 11/2/14 - Page 1D