Passwords are your keys to online services and all services are not secured equally. These days it is not unheard of for a large company to be compromised and sharing a password across services will make you vulnerable.
For ideal password security your passwords should be:
- random, a jumble of letters and numbers and symbols
- long, short passwords can be brute force guessed
- memorised, written passwords can be found
- unique, if one password is found out your others are safe
We make compromises on the above to make them more convenient to use. Previously I thought it more important that my passwords be memorised, so I used 3 passwords for different levels of security. After some troubling data breaches I decided to update all my passwords to make them unique.
To achieve this uniqueness I used a password database or password manager. I didn’t previously use this because it was a single point of security failure, however it is a compromise I am now willing to make to address the more likely risk and I would recommend for others concerned about recent data breaches.
KeePass is the one I chose to do this for the following reasons:
- Open source, this makes the code safe through peer code review
- No automatic upgrade, new code is not assumed to be equally safe as current
- Stored locally, online storage opens up risk and many provider have been previously compromised
- Many password database security options, I have secured mine with a strong master password and also a key file. If I decide to sync online it should make it exponentially more difficult to break in to.