But When You Do Need Higher Security…

Posted Thursday, 18 January 2007, 12:04 am

Continuing on the theme of passwords and security—and I promise this will be my last on the matter, as I’m getting sick of it too—I’d like to make a software recommendation.

Even though I’m a Unix Systems Administrator by trade, I use Microsoft Windows on the Desktop. Have for more than a decade. It’s partly pragmatic, as it’s what most of the rest of the world uses on the desktop too. It’s partly for fun, as I enjoy "First-Person Shooter" games, and most are written either for the PC or for consoles. And beyond that, I like playing around in Windows. I have no particular religious sentiment in the matter, unlike many people. I don’t get my nose bent out of shape when I have to pay real, actual money to purchase software. I realize that Bill Gates is one of the wealthiest men ever to have lived, and that too doesn’t bend my nose out of shape. He’s rich, I’m poor, so what? I dislike fairly intensely the use of Windows in a server environment, and that’s largely due to the less than stellar performance of Microsoft products in that milieu. I prefer Solaris for bulletproof services, and to a lesser extent some flavors of Linux and FreeBSD. But I digress.

I do my online banking and finances on my Windows XP desktop PC. As a highly internet-centric individual, I have visited, and maintain accounts, on many, many websites that require username and password. For a long time, I used a very weak password of my own making, all of seven characters long, for almost every site I visited. I still do use it occasionally for sites that are of no significance—wherein if someone busted into the account, nothing of any importance would transpire from it.

Realizing the inherent danger in using such a weak password for everything, I took a look around several years back for a solution, and I found one that has served me exceptionally well: Roboform. Roboform automates creating and saving passwords, tied to the specific site that needs it. The passwords are encrypted, and you can set a master password with which you can prevent access to any stored passwords.  It is elegant in its simplicity, but exceptionally powerful at the same time. The built in password generator can create stunningly long, complex passwords, far more complex than one could easily remember—or for the ‘blackhats’ to break. When I was creating the examples for my followup article on obfuscated passwords, I used roboform to generate those strings. With just a mouse click, you can generate random password after random password, like this:

g*w4#Kg49785G8Q7f97F483Jp36BHb4xqQCe82P^

4rf8kXta73@%5!CKD&4co2EU4wdZdiS9Fn%

hBt#WjVY5363Mz5xz#2

4DJTP8u$xc$*H^95b8HB!^GMYXGgZGsXYpnJ7

And you don’t have to try to remember them! They’re all safely stored, tied to the username and site you created them for. Visit the site, and a box pops up offering to fill the fields (roboform recommends using their toolbar, but I don’t particularly care for it). Further, roboform can store Credit Card and personal information securely, and can autofill online forms with that information for you, speeding up checkout when making online purchases.

There are many, many more features beyond just these few I’ve listed. There is a ‘portable’ version you can install on a USB drive, and keep all your information with you, ready to hand, and yet still secure.

I can’t sing my praises for roboform enough. You can download it for free, and use it with up to ten stored passwords/sites. Roboform Pro is $29.95. Though it’s ten dollars more expensive, Roboform2Go, for USB drives, may be the better choice in the long run.

I give it 18.5 out of 20 klaatus! (so it must be good!)

I should add I have absolutely no affiliation with Roboform or Siber Systems (the company that makes roboform), besides being a very happy customer. I’m not getting any kickback from them for this fantastic review. Unfortunately.

Categories

Modren Lfie

Leave a comment

 

Made with WordPress and the Semiologic CMS | Design by Antonella Pavese