I shared the following with my co-workers via an internal email but thought my site visitors might benefit from this wonderful nugget of wisdom as well…
Do you frequently use the same username and password when registering for new sites? (e.g., online banking, Facebook, etc.) Do you frequently use your birthdate or pet’s name as your password on these sites? I thought so. Please stop doing that.
If your nefarious second-cousin, scheming ex-best-friend or diabolical canine companion were to uncover your password for just one site, he/she could potentially wreak havoc on your whole life if you happen to be one of the people I mentioned in that last paragraph. So, how can you keep your online life a bit more secure without losing your precious sanity? Well, there are a number of ways; none of which involve writing your passwords down on napkins, your hands (palm or back), post-it notes, etc.
One of the ways that you can ease your mind without losing it is to use a service like Passpack. (BTW, if the length of this blog posting has you cursing yourself for even clicking this way, at least check out the quick & thorough overview on Passpack’s site before you leave and ultimately decide never to return to JasonHeydasch.com.)
Let me first say that Passpack is an online service hosted on servers over which you have no control. That said, there is literally no other online service I would recommend for storing sensitive data. However, Passpack has implemented a wonderful set of security options. As an example, you use both a password AND what’s referred to as a “packing key.” Both of these can be whole sentences (as I’ve chosen) to further enhance your security.
So, let’s say you’ve chosen “You don’t win friends with salad.” as your pass-phrase and “I’d rather eat dirt than collard greens!” as your packing key. (Punctuation included for heightened security.) That’s just the beginning. Passpack offers the following additional items to keep your information safe:
- verification phrase of your choice that’s displayed before entering packing key (if you don’t recognize the phrase, don’t login!)
- shape recognition (click on the box that’s highlighted, this is displayed on the same page as the item above)
- throwaway logins (if you know you’ll be logging in to a public computer, create one or two throwaway logins to use in these instances. They only work once.)
- random password generator for new sites on which you register
- automatic locking (site locks up when you’re away from your PC for a while)
- always-on AES-256 encryption algorithm (US government approved, Passpack employees can’t even see your stuff) and an EV-SSL certificate
That’s not even all. For more info on how they keep your stuff safe, you can read their page on security & privacy or just g’head onto passpack.com and create an account. It’s free.