• Blog
  • Info Support
  • Career
  • Training
  • International Group
  • Info Support
  • Blog
  • Career
  • Training
  • International Group
  • Search
logo InfoSupport
  • Latest blogs
  • Popular blogs
  • Experts
      • All
      • Bloggers
      • Speakers
  • Meet us
  • About us
    • nl
    • en
    • .NET
    • 3D printing
    • Advanced Analytics
    • Agile
    • Akka
    • Alexa
    • Algorithms
    • Api's
    • Architectuur
    • Artificial Intelligence
    • ATDD
    • Augmented Reality
    • AWS
    • Azure
    • Big Data
    • Blockchain
    • Business Intelligence
    • Chatbots
    • Cloud
    • Code Combat
    • Cognitive Services
    • Communicatie
    • Containers
    • Continuous Delivery
    • CQRS
    • Cyber Security
    • Dapr
    • Data
    • Data & Analystics
    • Data Science
    • Data Warehousing
    • Databricks
    • DataOps
    • Developers life
    • DevOps
    • Digital Days
    • Digital Twin
    • Docker
    • eHealth
    • Enterprise Architecture
    • Event Sourcing
    • Hacking
    • Infrastructure & Hosting
    • Innovatie
    • Integration
    • Internet of Things
    • Java
    • Machine Learning
    • Microservices
    • Microsoft
    • Microsoft Bot Framework
    • Microsoft Data Platform
    • Mobile Development
    • Mutation Testing
    • Open source
    • Pepper
    • Power BI
    • Privacy & Ethiek
    • Python
    • Quality Assistance & Test
    • Quality Assurance & Test
    • Requirements Management
    • Scala
    • Scratch
    • Security
    • SharePoint
    • Software Architecture
    • Software development
    • Software Factory
    • SQL Server
    • SSL
    • Start-up
    • Startup thinking
    • Stryker
    • Test Quality
    • Testing
    • TLS
    • TypeScript
    • Various
    • Web Development
    • Web-scale IT
    • Xamarin
    • All
    • Bloggers
    • Speakers
Home » Keeping Your Passwords Safe
  • Keeping Your Passwords Safe

    • By Daan van Berkel
    • Security 8 years ago
    • Security 0 comments
    • Security Security
    Keeping Your Passwords Safe

    Keeping Your Passwords Safe

    There is a famous xkcd comic about passwords.

    Password Strength

    Although there is merit to message, with the amount of passwords one
    has to remember these days, this strategy is infeasable.

    Table of Contents

    • 1 Password Manager
      • 1.1 Benefits
    • 2 Usage
    • 3 Conclusion

    1 Password Manager

    A more scaleable solution to the password problem is using a password
    manager.

    1.1 Benefits

    The benefits a password manager offers fall in the following
    categories

    1. Store passwords. It is not uncommon to need a lot of
      passwords. Reusing passwords if frowned upon, because it would
      provide access to multiple sites once one password is
      known. So you need a different password for each site, that need to
      be recalled. A password manager has no problems to hold hundreds
      of passwords.
    2. Securly store password. Having passwords is one thing, but you
      would not want your passwords to be exposed. Writing them down on
      a piece of paper offers adversaries an opertunity to know your
      passwords. So password managers need to store your password securly
    3. Generate strong passwords. Human are ill equiped to come up with
      strong passwords. Again computers have no problems to generated a
      seemingly endless stream of (pseudo-) random numbers.

    2 Usage

    We will discuss KeePassX, although other password manager work in a
    similar fasion. I use KeepassX because it is available for a lot of
    different platforms.

    When you start the progam you are greeted with the
    following screen. It is not very usefull because there are no
    passwords yet.

    https://blogs.infosupport.com/wp-content/uploads/2014/10/step.00.png

    You first need to create a database. In order to keep your passwords
    safe it is best to both provide a master password and a master key file. This way someone needs two thing, something you know, i.e. the
    master password, and something you have, the master key file. Store
    the master key file on a thumb drive making it a portable. You will
    still have to remember the master password.

    https://blogs.infosupport.com/wp-content/uploads/2014/10/step.01.png

    Once you have created a database you need to store it
    somewhere. Because you want to use it on different devices it is best
    if the file is automatically synchronized. I use Dropbox, but other
    file synchronization providers can be used as well.

    https://blogs.infosupport.com/wp-content/uploads/2014/10/step.03.png

    Now that we have password database synchronization it is time to add
    passwords. Password entries can be provided with a lot of
    information. E.g. the url for to this entry, the username and
    expiration date.

    https://blogs.infosupport.com/wp-content/uploads/2014/10/step.04.png

    Most important is the password. Password managers can generate
    passwords for you. This allows for very strong passwords that are
    very hard to guess are crack. There are a lot of options to pick, but
    again choising a long password with a lot of entropy is best.

    https://blogs.infosupport.com/wp-content/uploads/2014/10/step.05.png

    When the entry is created you can use it. The program copies the
    username and password to the clipboard so it can easily provided when
    needed. When you close the program, it also wipes the clipboard so it
    will not be accidently exposed.

    https://blogs.infosupport.com/wp-content/uploads/2014/10/step.06.png

    3 Conclusion

    Using a password manager allows for more and more secure
    passwords. By synchronizing the password database it is usable on a
    number of different platforms, keeping a user safe from password theft.

    Share this

Daan van Berkel

View profile

Related IT training

Go to training website

Related Consultancy solutions

Go to infosupport.com

Related blogs

  • Secret management with Hashicorp Vault

    Secret management with Hashicorp Vault Tom van den Berg - 2 years ago

  • How to get Azure Sentinel Incidents via the Sentinel AP…

    How to get Azure Sentinel Incidents via the Sentinel AP… Sander Wannet - 2 years ago

  • Privacy & Computer Vision: How to Anonymize Video U…

    Privacy & Computer Vision: How to Anonymize Video U… Lucía Conde Moreno - 3 years ago

Data Discovery Channel

  • MLOps

  • Explainable AI - Break open the blackbox

  • Toekomstvaste microservice data architecturen

Nieuwsbrief

* verplichte velden

Contact

  • Head office NL
  • Kruisboog 42
  • 3905 TG Veenendaal
  • T +31 318 552020
  • Call
  • Mail
  • Directions
  • Head office BE
  • Generaal De Wittelaan 17
  • bus 30 2800 Mechelen
  • T +32 15 286370
  • Call
  • Mail
  • Directions

Follow us

  • Twitter
  • Facebook
  • Linkedin
  • Youtube

Newsletter

Sign in

Extra

  • Media Library
  • Disclaimer
  • Algemene voorwaarden
  • ISHBS Webmail
  • Extranet
Beheer cookie toestemming
Deze website maakt gebruik van Functionele en Analytische cookies voor website optimalisatie en statistieken.
Functioneel Always active
De technische opslag of toegang is strikt noodzakelijk voor het legitieme doel het gebruik mogelijk te maken van een specifieke dienst waarom de abonnee of gebruiker uitdrukkelijk heeft gevraagd, of met als enig doel de uitvoering van de transmissie van een communicatie over een elektronisch communicatienetwerk.
Voorkeuren
De technische opslag of toegang is noodzakelijk voor het legitieme doel voorkeuren op te slaan die niet door de abonnee of gebruiker zijn aangevraagd.
Statistieken
De technische opslag of toegang die uitsluitend voor statistische doeleinden wordt gebruikt. De technische opslag of toegang die uitsluitend wordt gebruikt voor anonieme statistische doeleinden. Zonder dagvaarding, vrijwillige naleving door uw Internet Service Provider, of aanvullende gegevens van een derde partij, kan informatie die alleen voor dit doel wordt opgeslagen of opgehaald gewoonlijk niet worden gebruikt om je te identificeren.
Marketing
De technische opslag of toegang is nodig om gebruikersprofielen op te stellen voor het verzenden van reclame, of om de gebruiker op een website of over verschillende websites te volgen voor soortgelijke marketingdoeleinden.
Manage options Manage services Manage vendors Read more about these purposes
Voorkeuren
{title} {title} {title}