A Free Educational Resource Created by Carnegie Mellon University to Empower You to Secure Your Part of Cyberspace

Password Security Tools

Software that stores multiple website-access passwords in encrypted form, so you can use them by remembering a single master password

Users often have multiple online accounts with e-commerce sites, webmail sites, social networking sites, and other websites, most of which require a username and password. Faced with remembering many different passwords, users typically do one of two things: they either use the same password for all or many of their sites, or they use extremely simple passwords that are easy to remember, such as names, dates or "dictionary" words.

While convenient, neither habit is very secure. Simple passwords can be easily cracked or compromised using simple brute-force or dictionary-based attacks. Even slightly complicated passwords can be cracked using more sophisticated techniques.

The Microsoft Safety and Security Center provides a free tool where users can test the strength of their password. Most authorities recommend a mixture of uppercase, lowercase, numbers and special characters, and a minimum length of typically no fewer than eight characters. Even if users do create a strong password, however, they often use this same password everywhere. If this password does happen to be compromised, all the user's accounts are vulnerable.

To provide convenience and security, password management software, such as RoboForm, Sticky Password and Tray Safe, automates this process. The user simply creates a table for the website, username, and password. This information is then encrypted by the software. The user just needs to remember a master password to use the software. When the user wishes to access a website, he simply clicks on the corresponding entry in the software, and the website fields are filled automatically. Such software even automatically generates strong passwords for the user if desired.

Users should keep in mind that a single point of failure still exists with such software. If the master password is compromised, it may be possible to recover all the other passwords as well.
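The password advice and the automatic generation described above, as an added Python example that is not from the original page or from any of the products it names: it audits a constructed website/username/password table for reuse and for the character-mix and eight-character advice, then generates a random replacement. The function names, the tiny word list and the sample entries are assumptions made for illustration.

```python
import secrets
import string
from collections import defaultdict

MIN_LENGTH = 8  # the page's "no fewer than eight" minimum
CLASSES = {"uppercase": string.ascii_uppercase, "lowercase": string.ascii_lowercase,
           "number": string.digits, "special": string.punctuation}
# Constructed stand-in for a dictionary word list; a real check would use a large one.
COMMON_WORDS = {"password", "welcome", "dragon", "sunshine"}

def policy_failures(password):
    """Return the reasons a password misses the mix-and-length advice."""
    failures = [f"no {name} character" for name, chars in CLASSES.items()
                if not any(c in chars for c in password)]
    if len(password) < MIN_LENGTH:
        failures.append(f"shorter than {MIN_LENGTH} characters")
    # A dictionary word with digits or symbols tacked on the ends is still guessable.
    if password.lower().strip(string.digits + string.punctuation) in COMMON_WORDS:
        failures.append("dictionary word with trivial decoration")
    return failures

def generate_password(length=16):
    """Generate a random password that contains every character class."""
    if length < MIN_LENGTH:
        raise ValueError("length below policy minimum")
    alphabet = "".join(CLASSES.values())
    while True:  # rejection sampling: uniform over passwords that pass the policy
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not policy_failures(candidate):
            return candidate

def audit(entries):
    """Map each site to its problems: policy failures and cross-site reuse."""
    sites_by_password = defaultdict(list)
    for site, _user, password in entries:
        sites_by_password[password].append(site)
    report = {}
    for site, _user, password in entries:
        problems = policy_failures(password)
        others = [s for s in sites_by_password[password] if s != site]
        if others:
            problems.append("reused on " + ", ".join(others))
        if problems:
            report[site] = problems
    return report

# Constructed sample table of (website, username, password) entries.
SAMPLE = [("shop.example", "alice", "Sunshine1!"), ("mail.example", "alice", "Sunshine1!"),
          ("social.example", "alice", "fido2009"), ("bank.example", "alice", generate_password())]
if __name__ == "__main__":
    print(audit(SAMPLE))
```

Note that "Sunshine1!" satisfies the character-mix and length advice yet is still flagged, both as a decorated dictionary word and as a password shared between two sites.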
