Password Management

Sunday, July 06, 2008; website updated 8 days ago.

What is Password Management Software?

Password management software provides you with a safe and secure way to store all your confidential information. The password manager application typically stores all your information in an encrypted file or database, which can then only be opened if you know the master password.

The explosion in websites requiring user ids and passwords - for everything from email, contest registrations, bills and banking information - has created a need for password management applications. The password manager application is typically used to store these website passwords, making access quicker and safer.

However, most password managers also provide the functionality to store many types of information, including credit card numbers, PIN numbers, financial statements, or, perhaps those love letters to your mistress! Just think, everything nicely tucked away so that only the person with the master password can access them.

How Do Password Managers Make You More Secure?

As there are about a zillion websites that require you to have a password, it can get awfully confusing remembering which id and password go where. The easiest way to solve this is to use the same password everywhere..... Except that when a criminal gets hold of it, they get hold of all your information. People need a secure way to keep track of passwords (something more secure than a sticky piece of paper next to the computer!)

By relying on bad practices, such as the above example, or using weak passwords (e.g. birthdays, names, etc.), people leave themselves vulnerable to internet crime and identity theft. It is important to remember that convenience is not always better when it sacrifices security.

There are many ways to solve this problem. You could create super hard passwords and use a special ink to write them down (of course, you have the only decoder ring that works with that ink, right?). You could have your dog type something in for you (only troublesome when returning to that site and Fido is busy fetching a ball). Or you could take advantage of a password manager, which can store all this information in one place, so you only have to remember the password to it - Genius! It is about time something actually made life easier.

One Master Password

The password you use to unlock your password manager is normally referred to as a 'Master Password'. If you use a password manager, this will be the only password you will ever have to remember, ever again!

Having a single master password is not only convenient but it improves your security also. Since you only have one password that you have to remember, you can make it a strong one, something that is long, contains multiple uPpErcaSe leTTers, numb3r5, and symb*ls.

Knowing the master password is the only way to unlock the information that is in the encrypted password database. Therefore it is very important that you never forget this password, otherwise your information will be lost forever and it is back to square one.

Mac OS X Keychain

Steve Jobs knew the importance of a password manager, so Mac OS X comes with its very own password manager built-in - the Keychain.

This Keychain Access program is available to all applications running on Mac OS X. Most applications will store user ids and passwords into the default keychain. This saves you time because you don't need to re-enter passwords and it keeps you secure because the keychain is strongly encrypted. Best of all, it keeps all your passwords organized in one place.

Safari, and some other web browsers, will store your website user ids and passwords into the keychain. This allows Safari to AutoFill website logins for you on many sites. Sadly, Safari's AutoFill doesn't work on all websites (especially the financial websites, where it is needed the most); this is caused by the notorious autocomplete=off problem. Also, life is not easy if you have more than one identity (e.g. 2 Yahoo! accounts) at a website, where the autofill becomes more of a pain than a help.

The Keychain Access program can be used to manage your keychain entries.

As you can see, it is a fairly straightforward program to use. You can search, edit, and even create new 'Web form passwords' and 'Secure Notes'.

While the technology behind Keychain is top notch, after using the Keychain Access program for a few days, you will quickly realize that it is not your typical Apple application. It was designed for, and still is used primarily by programmers and developers.

Most people with Mac OS X use the keychain every day, without really knowing they do. The average user never really gets the full potential use, nor does the program give an everyday user what they really need. Personally, I never use the Keychain Access program directly, unless there is some maintenance required.

Stand Alone Password Managers

Since there are many issues for both the functionality and practical use of the Keychain and AutoFill, many independent Macintosh developers created their own password managers to improve the situation.

There are over 40 password managers for Mac OS X that provide a secure storage area for passwords, serial numbers, credit cards, and so on. Here is a sampling of the available stand alone password managers from MacUpdate:

  1. Account Buddy
  2. AutoID Password Manager
  3. Ciph Safe
  4. Data Guardian
  5. Forgot It?
  6. iMedia Keeper
  7. info.xhead
  8. iPassword
  9. iSafe
  10. iSecret
  11. Key Holder
  12. Key Manager
  13. KeePass / KeePassX
  14. Little Secrets
  15. Login Wallet
  16. Mac Vault
  17. Mikey
  18. Padlock
  19. Password Filer
  20. Password Gorilla
  21. Passwords Lines
  22. Password Menu
  23. Password Master
  24. Passwords Plus
  25. Password Protector
  26. Password Repository
  27. Password Retriever
  28. Password Vault
  29. Password Wallet
  30. Pastor
  31. PC-Mac Password Vault
  32. Safe Place
  33. Safe Sphere
  34. Secret Book
  35. Steel
  36. Sword Fish
  37. Wallet
  38. Webby
  39. Web Confidential
  40. webPM
  41. Yojimbo

I spent weeks trying each of these password managers. All of them do what they are supposed to: they provide you a secure place to store your information. However, none of them saved me time nor outclassed the original Keychain to make it worth my while to justify purchasing any of them.

One thing that I really didn't like was how they exclusively focused on storing your confidential information, as opposed to making it easy to use this confidential information in a secure way.

Each application listed above also creates its own database to store the information, using its own encryption code. This means that they have proprietary source code that is kept private. There is no easy way for you to verify that the database is indeed secure.

Sadly, none of these applications leveraged the existing OS X Keychain. Using this would not only make users more comfortable knowing the data is secure (after all, there is an entire team of Apple developers that created this), but it would also make it easier to synchronize your data across machines via the built-in .Mac integration.

Integrated AND Interactive Password Managers

Most of the time, you need passwords while browsing the web. This means that most password managers need you to work for them, not the other way around. When you visit a website, you need to manually sign up, and then copy your user id and password AND web site url into the password manager. Then, every time you return to the website you need to manually copy-n-paste the information into the site. What a pain!

If the program was smarter, you could have the password manager integrated directly into your web browser to save you time, while also making you more secure. Try to find a program that does this on Mac OS X, and you won't find many programs. Add in wanting to generate passwords automatically, and you are down to one great product - 1Passwd.

True browser integration is one of the features that makes 1Passwd really unique.

Not only that, but you can really make this thing work for you - you don't even have to make up passwords any more and remember if you made it a little 'k' or a big 'K' when you have to re-type - it can automatically generate super strong passwords for you, with just a click of the mouse. That's right, one click and you have a strong password you never had to type (take that keyloggers!) and have automatically saved for the next time you visit the site.
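The kind of generator described above, as an added Python sketch (not 1Passwd's code): it draws characters from the operating system's CSPRNG, requires the character classes recommended earlier for a master password, and counts the exact search space against a birthday-style password. The symbol set, default length and function names are assumptions.

```python
import math
import secrets
import string
from itertools import combinations

# Assumed character classes; the symbol set is a constructed choice.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, "!@#$%^&*-_=+")
ALPHABET = "".join(CLASSES)

def generate_password(length=20):
    """Uniformly random password containing at least one character per class."""
    if length < len(CLASSES):
        raise ValueError("too short to contain every character class")
    while True:
        # secrets uses the OS CSPRNG; rejecting and redrawing whole candidates
        # keeps every acceptable password equally likely.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate

def search_space(length):
    """Exact number of passwords generate_password(length) can return."""
    total = 0
    # Inclusion-exclusion over the sets of classes that are entirely absent.
    for k in range(len(CLASSES) + 1):
        for absent in combinations(CLASSES, k):
            remaining = len(ALPHABET) - sum(len(cls) for cls in absent)
            total += (-1) ** k * remaining ** length
    return total

def bits(count):
    """Guessing effort expressed in bits."""
    return math.log2(count)

# Constructed comparison: a birthday written as a date within a 100-year window.
BIRTHDAY_SPACE = 365 * 100

if __name__ == "__main__":
    print(generate_password())
    print(f"generated: {bits(search_space(20)):.1f} bits")
    print(f"birthday:  {bits(BIRTHDAY_SPACE):.1f} bits")
```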

Recommendations for Password Management

A really good password manager can not only keep your passwords safe, it can also thwart keyloggers, avoid phishing websites and automatically generate (and remember!) passwords. This makes the passwords unique and much stronger, making you much safer.

1Passwd is an awesome product, if I do say so myself! If you don't believe me, you should watch this video, and after that I am sure you will want to give it a try. There is a free version available too, so you can get your feet wet before taking the dive into password freedom.


About the Author

Historically a longtime Windows user and consultant at several large enterprises, Dave Teare converted to Mac OS X and co-founded a company that focuses on Mac security and related products.

Dave can be found blogging at his home, Mac Security Book, and the Switchers' blog.
