Tuesday, June 23, 2009

Using an Encrypted Database to Store Passwords

As the world constantly moves into a closer relationship with the online services of the internet more and more passwords are required to keep our information safe. There are many methods to keeping passwords. E.g. Post-it notes, legal pad, text document or an encrypted database. Of those choices the encrypted database sounds the most secure however it also sounds the most complicated. On the contrary keeping an encrypted database is not any more complicated than writing passwords on a legal pad and locking them in a desk with a key.

Creating and maintaining an encrypted database is actually quite easy. There are many free, open source and retail products on the internet. The tedious part is finding and entering all of the passwords into the database.

You are probably still asking why is this better than my legal pad. Here is a list of benefits to the encrypted database.

  1. One password will protect and access all of your other passwords.
  2. You have the ability to search the database for specific entries.
  3. If someone steals your computer and gets your database file it is encrypted. The thief is not going to have the computing power or time to crack it without Jack Bauer’s help.
  4. Database entries contain usernames, passwords and website addresses. If you go to a website and it prompts you for a username and password open the database copy the password to the clipboard and paste it in the website. You don’t have to worry about typing long passwords correctly.
  5. Random passwords can be generated and applied to websites. E.g. When a bank asks for a complex password and three security questions it is always a task to come up with a unique password that can be remembered. A solution to this problem is to create the entry in the database and let the software generate a random password that you don’t have to remember like this: 89vqIXOy .

There are always caveats with technology. One password controls them all. Don’t lose that password. Backup your database. If the hard drive on your computer fails the database is gone.

Here are two encrypted database programs that I like:

  1. Password Safe - http://passwordsafe.sourceforge.net/
  2. Kee Pass - http://keepass.info/

I did not go into tutorial on how to actually use the encrypted database because both sites have detailed instructions on how to use their software.


Mac and Linux have built in key chains or password safes.


Protect your information.


If you need help applying safe passwords to your organization contact me.


Adam Bell owner of Sublime Computer Services

We Make Your Technology Work

adam@sublimecomp.com

615.942.0850

www.sublimecomp.com

Posted by at No comments: