Online Password Security & Encryption
Last response: in Windows 7
Hello,
I recently read the Wired article(s) all about the death of the password, and became inspired to attempt to improve my personal security measures.
I recognize that simply making a better password is like putting a band-aid over a leak in a dam, but I feel like band-aids are all I have, so I'd better make due.
I have looked into online encryption/hashing software, but am wondering if there are any I can trust (and if I should even bother pursuing) or if I should attempt to make one on my own. Does anyone have any ideas?
Thanks.
I recently read the Wired article(s) all about the death of the password, and became inspired to attempt to improve my personal security measures.
I recognize that simply making a better password is like putting a band-aid over a leak in a dam, but I feel like band-aids are all I have, so I'd better make due.
I have looked into online encryption/hashing software, but am wondering if there are any I can trust (and if I should even bother pursuing) or if I should attempt to make one on my own. Does anyone have any ideas?
Thanks.
More about : online password security encryption
In addition to Truecrypt there's:
Free:
http://www.gnupg.org/
Commercial:
http://www.symantec.com/products-solutions/families/?fi...
Free:
http://www.gnupg.org/
Commercial:
http://www.symantec.com/products-solutions/families/?fi...
Related ressources
- Best internet online security that doesnot slow down my computer - Forum
- A survey on password security for a class - Forum
- Trying to get online with new laptop using wirreless. dont remember my security - Forum
- How do I find the WEP/WPA/ Security Key/ Password for my wireless router - Forum
- Secure my online - Forum
So, I've now looked into TrueCrypt and I agree that it seems to be a very valuable tool for data protection (I will probably start using it for my docs w/ personal data), but I don't think it really helps me with my question... or rather I don't yet know if it can.
I should have been a little more specific. What I think I'm looking for is a way to have hashed password entry into online accounts... like so that I could have a way of entering a seemingly random password when I login to Google or Facebook, etc. I have seen online tools that will give hashed forms of various types of input, but would that be worth doing? I mean, any hacker could go to that same tool and repeat that process.
Is there a good way to make it harder for someone to break into an online account?
Thanks.
I should have been a little more specific. What I think I'm looking for is a way to have hashed password entry into online accounts... like so that I could have a way of entering a seemingly random password when I login to Google or Facebook, etc. I have seen online tools that will give hashed forms of various types of input, but would that be worth doing? I mean, any hacker could go to that same tool and repeat that process.
Is there a good way to make it harder for someone to break into an online account?
Thanks.
Your probably thinking of something like an RSA key fob:
http://www.google.com/#hl=en&sugexp=les%3B&gs_rn=1&gs_r...
Quite secure but the website would have to implement it on their end.
http://www.google.com/#hl=en&sugexp=les%3B&gs_rn=1&gs_r...
Quite secure but the website would have to implement it on their end.
Ok, so since the RSA key is not an option for most sites, I decided to take an approach that incorporated truecrypt and a free online hashing tool. I'm sure it's not the best and it will end up being several extra steps to login to various sites, but it may be worth it to ensure my security - we'll see. Here's instructions for what I did:
1) Install truecrypt. (I will need to do this on every machine I want to login on from now on.)
2) Create an account for/login to some cloud-based storage service (dropbox, google drive, skydrive, etc.).
3) Go online to some freely available encryption tool (see John Walker).
4) Use an encryption method you like. This step could be done multiple ways depending on the tool you use. What I did was generate a list of several random lines of passphrases of a certain length using a particular seed/key and copied the seed and line number of the passphrase I wanted into a text file named after my login ID.
5) Start truecrypt and create an encrypted truecrypt volume with a password that you will actually remember (this could be the password you used before or not) and named after whatever particular site(s) you want to login to securely. Make sure that volume is in the directory that the cloud storage service syncs with (and be sure to follow the beginner's tutorial and wizard directions). WARNING: some could storage services will automatically start syncing a file as soon as it is created/modified, meaning you may have to right-click->exit the service from your taskbar before you can mount the volume in truecrypt.
6) Inside that encrypted volume, place that text file with that info.
7) Go to the site that you want to login to securely, and change your password to match whatever was on the line number you chose. WARNING: certain sites (Tom's included) have length limitations on the password change dialog even when those limitations aren't present when creating your password initially.
Now, whenever I want to login securely to a site, I need to:
1) Make sure that my cloud storage service is synced to my PC.
2) Start truecrypt and select the file/volume for the site I want to login to that is stored in the cloud service directory.
3) Mount the volume and enter the password I remember.
4) Open the file in that volume with the info I need to re-generate my password.
5) Go online to the passphrase generating tool, enter the seed/key, and generate the list of passphrases.
6) Select and copy the passphrase on the line number I stored in the file.
7) Go to the site I want to login to, enter my username, and paste the passphrase I copied from that list.
1) Install truecrypt. (I will need to do this on every machine I want to login on from now on.)
2) Create an account for/login to some cloud-based storage service (dropbox, google drive, skydrive, etc.).
3) Go online to some freely available encryption tool (see John Walker).
4) Use an encryption method you like. This step could be done multiple ways depending on the tool you use. What I did was generate a list of several random lines of passphrases of a certain length using a particular seed/key and copied the seed and line number of the passphrase I wanted into a text file named after my login ID.
5) Start truecrypt and create an encrypted truecrypt volume with a password that you will actually remember (this could be the password you used before or not) and named after whatever particular site(s) you want to login to securely. Make sure that volume is in the directory that the cloud storage service syncs with (and be sure to follow the beginner's tutorial and wizard directions). WARNING: some could storage services will automatically start syncing a file as soon as it is created/modified, meaning you may have to right-click->exit the service from your taskbar before you can mount the volume in truecrypt.
6) Inside that encrypted volume, place that text file with that info.
7) Go to the site that you want to login to securely, and change your password to match whatever was on the line number you chose. WARNING: certain sites (Tom's included) have length limitations on the password change dialog even when those limitations aren't present when creating your password initially.
Now, whenever I want to login securely to a site, I need to:
1) Make sure that my cloud storage service is synced to my PC.
2) Start truecrypt and select the file/volume for the site I want to login to that is stored in the cloud service directory.
3) Mount the volume and enter the password I remember.
4) Open the file in that volume with the info I need to re-generate my password.
5) Go online to the passphrase generating tool, enter the seed/key, and generate the list of passphrases.
6) Select and copy the passphrase on the line number I stored in the file.
7) Go to the site I want to login to, enter my username, and paste the passphrase I copied from that list.
Related ressources:
- ForumHow to unlock security code of nokia c7
- ForumOnline storage/backup-avoid encryption problems?
- ForumUsb disk security
- ForumMicrosoft Security Essentials proble.
- ForumDont no the password to the adminstrative account on my dell vostro w/ windows 7
- ForumMrFace's Security Locker (Updated 13DEC2010)
- ForumHow do i clear the CMOS password on the toshiba satellite a350d-ba3
- ForumProposed security &backup regime-thoughts & ideas??
- ForumHow to find my own security key?
- ForumHow do I find the WEP/WPA/ Security Key/ Password for my wireless router
- Forum"Reboot and select Proper boot device"
- ForumTrying to set a password to unsecured router
- Forum[Solved] usb disk security 6.0.0.126 licence key
- ForumI dont have the cd for my hp laptop and i've forgotten my admin password..can yo
- ForumAvast free + malwarebytes free + windows security essentials
- More resources
Read discussions in other Windows 7 categories
!
