 
                        Network World Review: The best password managers for PCs, Macs, and mobile devices RELATED Wearable security: Two-factor authentication apps for Apple Watch 8 reasons to use 1Password that don't involve storing passwords Top password managers compared on IDG Answers If I buy a Chromebook and can't get to grips with OS can I convert to windows? 10 local and cloud-based contenders make passwords stronger and online life easier for Windows, OS X, iOS, Android, BlackBerry, and Windows Phone users By Tim Ferrill Follow InfoWorld | Jun 17, 2015 6:09 AM PT RELATED TOPICS Security Passwords COMMENTS Thanks to a continuous barrage of high-profile computer security scares and reports of cloud-scale government snooping, more of us Internet users are wising up about the security of our information. One of the smarter moves we can make to protect ourselves is to use a password manager. It's one of the easiest too. FREE COURSE: Learn basic Cisco networking In partnership with tech training provider Pluralsight, Network World offers a free online course on READ NOW A password manager won't shield you against Heartbleed or the NSA, but it's an excellent first step in securing your identity, helping you increase the strength of the passwords that protect your online accounts because it will remember those passwords for you. A password manager will even randomly generate strong passwords, without requiring you to memorize or write down these random strings of characters. These strong passwords help shield against traditional password attacks such as dictionary, rainbow tables, or brute-force attacks. [ InfoWorld's Mobile Security Deep Dive. Download it today in your choice of PDF or ePub editions! | Keep up on key mobile developments and insights with the Mobile Computing newsletter. ] Many password managers allow you to automatically populate your password vault by capturing your Web logins using a browser plug-in and allowing you to store these credentials. Other options for populating your password database include importing an Excel spreadsheet or manually entering your login information. Further, using these stored credentials is typically automated using a browser plug-in, which recognizes the website's username and password fields, then populates these fields with the appropriate login information. Although several browsers offer similar functionality out of the box, many password managers offer several benefits over the built-in browser functionality -- including encryption, cross-platform and cross-browser synchronization, mobile device support, secure sharing of credentials, and support for multifactor authentication. In some cases, usernames and passwords must be copied from the password manager into the browser, reducing the ease of use but increasing the level of security by requiring entry of the master password before accessing stored login information. 6 simple tricks for protecting your passwords Some password managers store your credentials locally, others rely on cloud services for storage and synchronization, and still others take a hybrid approach. Some of the options using local storage (such as KeePass and 1Password) still support synchronization through Dropbox or other storage services. Deciding which password manager is best for you will come down to features and ease of use, as well as to whether you're comfortable storing your passwords on the Internet. If having your critical data stored in a cloud service worries you, then KeePass, 1Password, or SplashID Safe (sans SplashID's cloud service) offer the top options. If you trust cloud-based services with your passwords and believe they will protect your data using good security practices and encryption, then LastPass, Dashlane, or PasswordBox are your best bets. In my judgment, KeePass is the best of the options using local storage. The fact that it's open source, free, and complemented by countless plug-ins adds up to a very flexible option. With the right combination of plug-ins, KeePass can be made to do almost anything you could require of a password manager. My favorite cloud option is LastPass, primarily due to its low cost and the consistent implementation of features across all of the clients. Each LastPass client I tested was easy to work with, stable, and remarkably uniform from a usability perspective. Additionally, the fact that a LastPass Premium account is all of $1 per month makes it an extremely compelling option. But one of these other options might suit you better. Really, you can't go wrong with any of these password managers. RESOURCES WHITE PAPER Making SAP Simple And Personal: Transforming 16,000 workflows into powerful minutes of productivity WHITE PAPER How to Overcome Web Security Challenges (And Sleep Well at Night) SEE ALL Go 1Password 1Password is the brainchild of AgileBits, maker of the popular Knox encryption tool for OS X. Unlike Knox, 1Password offers support for multiple platforms, including Mac, Windows, iOS, and Android. Like KeePass, 1Password uses a local file to store encrypted passwords. AgileBits does not provide a cloud service for synchronization with mobile devices, but 1Password does support synchronization of the password vault using Dropbox (all platforms) or iCloud (Mac and iOS only). 1Password also supports synchronization over Wi-Fi between Windows, Mac, and iOS clients. Because the 1Password vault is contained in a single file, you gain the convenience of a portable password vault without having to store your passwords on the Internet. 1Password clients allow you to create and maintain multiple password vaults. Multiple vaults can be used to share some of your passwords with another family member or co- worker. Secure sharing between 1Password clients is supported, giving you a method to transmit a login (or any sensitive information, such as a credit card number or the answer to a website's security question) to another licensed 1Password user over an encrypted channel. Emailing login information in plain text is also supported, but this information is only as secure as your email traffic. 1Password stores your passwords in a local file, but supports synchronization across devices using Dropbox and iCloud. TOP NEWS Attackers can take over Cisco routers; other routers at risk, too DomainTools' Iris interface speeds up cybercrime investigations Attackers install highly persistent malware implants on Cisco routers 1Password now provides a number of different tools that analyze your passwords and the services they secure in order to identify potential vulnerabilities. Though many websites have patched the Heartbleed vulnerability by now, 1Password takes the precaution of comparing your last password change for a site against the date the site’s server was patched. If your password hasn’t been changed since the patch, 1Password will encourage you to protect yourself through a password change. Potential areas of concern such as duplicate or weak passwords are also identified. The cost of using 1Password is markedly different than cloud-based password lockers. Users must purchase clients for each platform they intend to use, costing more up front than a subscription service, but potentially saving money in the long term. 1Password for PC or Mac cost $49.99; the Mac-plus-PC bundle runs $69.99. Both the iOS app and Android apps are free with an in-app upgrade to the Pro feature set for $9.99. My biggest concern with 1Password has to do with feature parity between the Mac and PC versions. Currently both platforms offer similar features, largely due to a massive update to the Windows version mere days before publication of this article. Previously, features such as secure sharing or Wi-Fi sync were nowhere to be found. AgileBits has made good on promises to bring these features to all platforms, but if you're primarily a PC user, the lag may be cause for concern. Regardless, 1Password is a strong password manager. With AgileBits' strong ties to the Apple community, this is particularly true for Mac and iOS users. Dashlane Dashlane toes the line between cloud service and local password manager in an attempt to answer every security concern. You can store your password database on Dashlane's servers and take advantage of synchronization across devices, or you can store your password vault locally and forgo synchronization. It's your choice. If you store your password database in Dashlane's cloud, your master password remains with you only. Rather than storing a hash of the master password on its servers, Dashlane claims to use your password merely to encrypt and decrypt the data locally. For this reason your password database on the Web is read only, and changes can solely be made on a client. Authentication is performed against devices that are registered with Dashlane through a two-step process, incorporating your master password and a device registration code sent via email. Two pricing tiers are offered for Dashlane users. A free account allows access to your passwords through a single device of your choice. Premium accounts, which cost $39.99 per year, let you synchronize your passwords across multiple devices, perform account backups, share more than five items, give you access to the read-only Web app, and entitle you to Dashlane's customer support. Dashlane will store your password database in the cloud, but your master password remains with you only. (Don't lose it!). Like other password managers, Dashlane will assess the strength of your password as you create it. With Dashlane, retention of your master password is critical. The company states that it is unable to perform password recovery in the event of loss, a necessary side effect of its decision to not store a copy of your password in any form. Two-factor authentication is also supported through the use of Google Authenticator. Support for two-factor authentication must be enabled through the Windows or Mac client and can only be used on Internet-connected clients.
Details
- 
                                File Typepdf
- 
                                Upload Time-
- 
                                Content LanguagesEnglish
- 
                                Upload UserAnonymous/Not logged-in
- 
                                File Pages17 Page
- 
                                File Size-
