By Jim Chenvert and Lise Kojima
Compass Computer Clinic
In the first four parts of this series, we focused on securing the various parts of a home network using passwords. There’s a password for your internet service provider account, one for the WiFi router, for your computer, your phone, your apps, your bank accounts, web mail accounts. That is a lot of passwords to remember!
As a computer repair shop, we see many ways that people use to remember their passwords; pieces of masking tape stuck to the bottom of a desktop, sticky-notes stuck to laptop screens, passwords written in little notebooks. These methods may serve a limited purpose but don’t necessarily allow for easy and regular changing of those passwords. Often, we find out these written passwords are no longer valid because they have been changed and the new password hasn’t been written down.
We have started showing customers how to use a password vault. A password vault is a software program whose sole purpose is to store passwords in an encrypted file. Encryption ensures that the passwords are unreadable without typing a master password to unlock the vault. Using a password vault means that you only have to remember one password i.e. the password to the vault and the program remembers all the others.
Another benefit of using a password vault is that it encourages unique passwords for each account. Re-using passwords, though convenient, ensures that if one account password is guessed, then all other accounts are vulnerable because the same password can be then used to access any of them. Re-used passwords are only as safe as the least secure web site on which it is used – and there are many, very insecure web sites.
There are many password vault programs but we recommend Keepass (Classic Edition) which may be safely downloaded for free from the website keepass.info/download.html. Keepass has all of the most important features for which we look in a password vault program. It saves passwords in an encrypted file that can only be opened by typing in a single master password. It allows the generation of random rule-based passwords. The password vault is NOT hosted in a cloud. Lastly, the password vault is small and portable meaning the encrypted password vault file can be stored on a USB thumb drive and connected to a computer or it can be saved on a phone or tablet and accessed with the phone and tablet version of the password vault program.
Once Keepass has been installed, it will ask you to create a New Password Database. You will be asked to provide a master password. We like to choose a short, memorable phrase or sentence, replacing vowels with numbers. For example, a good master password could be something like, “[email protected]@rds.” Once a master password has been selected, save the password vault file and give it a name that you can remember such as “lk-pwd.”
Once the new Keepass password database and master password have been created, new passwords can be saved by entering Title, User name, Password and web site. The number of user names and passwords that can be saved is unlimited and the best part is that you only have to remember the master password. Once open, the password vault will let you copy and paste all the other passwords as required.
Jim Chenvert and Lise Kojima co-own Compass Computer Clinic in Champlin, a one-stop-shop for computer repair and maintenance needs. Contact Compass Computer Clinic at (612) 605-8194 or by email at [email protected]