Kamis, 14 April 2011

How to manage your password smartly

Typically you don't wanna have more than two or three passwords memorized inside your head.

But most of the time that's not a choice. Some sites force you to have alphanumeric passwords, while your banks and credit card access force you to have only numeric passwords.

When it comes time for you to change your password, life start to get really complicated. Sometimes it's the computer system force you to have a new password, sometimes you get phished, sometimes a girlfriend who know your password just broke up with you.

If you are like any friend I know, changing password means having a new kid. Pretty soon you're gonna forget which kid is where, which password is for which login.

That's why password manager is so important to me. There are plenty of great password manager out there. I personally have been using Oubliette for some time (though it's been discontinued). But I know not a lot of people are that diligent with one.

The truth is most people are not that security-conscious. But the way the web has evolved, password manager is no longer about security anymore. It's about freeing up your mind from the unnecessary trash like memorizing seven set of passwords. That's what GTD is all about, take your mind off the mundane stuffs.

As far as password manager goes, there are two way around it. First is the most common option: desktop software solution. Like Oubliette, they typically offer strong encryption, storing your login names, passwords, URLs, emails, categories, and additional notes for each account. For the most secure option, this is the best way to go.

However, I find it increasingly inconvenient that I have to make sure I have the most updated copy of the password file on my thumb drive. If you are like me and use different PCs in multiple locations, you better make sure you have your password file synchronized or you'd regret it just when you need it.

But the worst is when you are using a PC as a guest, and your password manager is not installed there, which is most likely the case.

So I resort to building a web-based password manager, onelurv. Two major reasons I can't do without it.

First is obvious, I have access to it anywhere, no installation needed.

Secondly, I can login to my sites with just one click. Truth is, I'm getting sick and tired of copy and pasting login/password back and forth between my browser and password manager. So I built onelurv to store my login/password and log me in with one click, no more sign in form.

Hence, web-based password manager would be viable if you are less security-demanding and more convenience-oriented.

Tidak ada komentar:

Posting Komentar