Safe Password Management

Posted February 21, 2011  |  By Hilary Smith, Customer Support Manager  |  Filed under: Tips & Tricks

Heard of our new Support Portal, but have yet to visit it? One of the new areas we are working on, and hope you find useful is the Knowledge Base, which we are populating with answers to "Frequently Asked Questions" about Email setup for various clients. image One of the things we are asked most is "What is my password?" In light of that, we thought it would be good to post some information about Password Management here, and in our Support Portal. image

One of the headaches of the digital age is setting up passwords for each account we have online. These add up, and it is sometimes onerous to have to a) create them, and b) remember them. However, as we become increasingly reliant on our digital packets of information, it is even more important to have safe and secure passwords. Whether by cracking passwords, or even more easily "listening in" on wifi networks, hackers are increasingly gaining access to people's email and online accounts to mine personal information, sometimes just to spam other people, sometimes to garner financial data. Prevention is the key.

1) First thing to do is to create different, secure, hard to hack, passwords for each online and/ or email account that you have. imageThere are various ways to generate safe, secure passwords. There are services on the internet, such as Safe Passwd, that takes the pain out of generating random characters. It's always best to use random characters that are difficult to remember. It will be equally hard for hackers to crack the password. These stats provide some perspective on how a good password can help defeat the hackers: image

2) Second is to save these passwords in some sort of secured database. The bonus is that some of these Password Databases include Password generators, so you can easily create and store. imageA good password safe for the Mac is "Wallet" from Acrylic software. it now integrates with various browsers to automatically enter secure passwords. There's also an iPhone App so that you can sync your passwords to your iPhone. Very useful when you're away from your regular computer, and need to remember that hard to remember password. Download it here for $20. Very little to pay for some good prevention. image A good password safe for Windows machines is "Password Safe" which is available for free download.

3) Third is to practice safe computing when using your passwords. imageMore and more people are finding that their email and online account passwords are being stolen. This happens even if their passwords are very difficult to crack. This is because more and more hackers are able to intercept the transfer of these passwords as they are being sent over insecure wi-fi signals. The passwords, no matter how "difficult to crack" they are, are vulnerable if being sent via an insecure wifi network to some other computer. This can happen if you are sitting in an airport,and using an insecure (non https) connection to connect to your Gmail account, or your Yahoo account, or any other website that requires a password. If the password is not "encrypted" using HTTPS, then it could be easily picked up by anybody with sophisticated software who's "listening in" on the wi-fi traffic. A recent article in the New York Times talks about "FireSheep", a piece of software released by Eric Butler to help publicize how easy it is for someone to "sniff out" your password as it travels unencrypted over Wifi. If you'd like to know more about how encryption works, there's information at the EFF website. One of the ways to combat this is to log in to Gmail or Yahoo or other sites that allow you to use HTTPS to log in. It's simply a matter of typing in the URL: instead of imageYou can also use a number of programs, that makes your browser automatically use HTTPS when sending a password over the internet. The Electronic Frontier Foundation (EFF) encourages users to download their "HTTPS Everywhere" application for free.