About the author


I'm a geek with a love for all things tech. I'm also an online business consultant with expertise in SEO, SMM, and digital marketing strategies.

Related Articles


  1. 1

    Mike Cerm

    KeePass is essential. If you’re going to be safe online, you have to use different passwords for every site. Unless you have a really simple (and therefore, unsafe) way of creating memorable passwords, you can’t possibly remember them all.

    Obvious pro-tip: Use Dropbox to sync your KeePass database.

  2. 2


    I use both KeePass and 1Password depending upon the OS. It is probably obvious to most of you but:
    1. if you can create your own secret question(s) use KeePass or 1Password to create the question. make sure you generate a strong password as your question
    2. regardless of the question you do not need to answer truthfully so again, generate your response as a strong password.

  3. 3


    I think it does not really address the issue that relying solely on passwords are not really the solution. Bruce Schneider posted a reference that having strong passwords for online accounts does not really achieve the desired result, http://www.schneier.com/blog/archives/2009/07/strong_web_pass.html

    However, for something like company confidential information stored and shared on a service like google apps/docs, it may make sense to have dual factor based authentication, a password and something else. So something as basic as an SMS code texted to the registered user or only authorised devices (eg specific browsers) are given access or even one of those rsa type time based key thingees.

  4. 4


    What about Macs ?? KeePass seems to be happy with windows only version …

  5. 5


    @chandi: I use KeePassX. It’s a port of KeePass for *nix systems (Mac included). I actually prefer it to the standard Windows only version of KeePass.

  6. 6


    @duanehubbard: Thanks there! I use the standard Keychain Access … I hope this is better, anyways I will give it a try!

  7. 7

    Tim Lytle

    What’s the general feeling of passpack.com (or similar web based stores)? Security should be the same (as in the encryption of the passwords), yet keeping the ‘database’ on a 3rd party server somewhere just seems wrong.

    But is it? It’s already encrypted before it’s sent.

    On the dual factor topic, myopenid.com will call you (if you want) to verify a login. Wouldn’t it be nice to be able to choose your security/identity provider for ‘important’ things (seems like the sites that *accept* openid are all low-security).

Comments are closed.