Working on the web we have LOTS of passwords to keep track of: including other people’s password entrusted to us whilst we are working on Search Engine Optimisation and the like. Keeping track of them in a convenient and yet secure manner needs careful attention. I thought I’d share our hints and tips with you because we’ve seen too many businesses that use the same password for everything or which just store passwords written down on a piece of paper.
- Firstly, as a master password database, we recommend an open source (free and frequently updated) program such as KeePass. This encrypts all your password data securely with one master password: almost impossible to crack if somebody stole your PC or found a missing USB memory stick!
- Secondly, for speed/convenience, you can use the Firefox web browser remembered passwords facility. Storing passwords in an internet browser is normally highly insecure – but by setting a master password in Firefox it will encrypt those saved passwords for you (although to be honest I won’t trust any passwords of a financial nature to such a system – but that is probably just paranoia).
- Finally, if you’ve got other information of a sensitive nature then you might like to consider AxCrypt to encrypt whole files securely (e.g. Word and Excel documents, whose own password protection schemes are pretty insecure).
Security is a big issue which needs careful consideration (e.g. changing passwords at intervals, sharing passwords securely, planning for fire or theft, backing up etc.) but these tools should at least give you a good starting point.