What to do with passwords once you create them

Password management isn’t sexy, but it’s a problem that touches everyone who touches a computer, CNET reports. Not only are people forced to create new passwords at a dizzying level as they join social networks, do eCommerce, and deal with frequently expiring passwords at work, but there are new and novel password theft methods all the time. Just this week, Mozilla disabled a Firefox add-on that was intercepting login data and sending it on to a remote server. Cryptography expert Bruce Schneier used to write his passwords down on a slip of paper and keep it in his wallet. Today, he uses a free Windows password-storage tool called Password Safe that he designed five years ago and released into the open-source community. The desktop application lets users remember only one master password to access their password list. But Schneier still recommends the paper method for people who don’t have their computers with them at all times like he does. “Either write the passwords down and put them in your wallet, or use something like Password Safe,” he said in an interview. An informal survey of a dozen or so security experts reveals that some of them still rely on the paper and pen method. One respondent even admitted to succumbing to the post-it-note under the keyboard strategy. (If you do choose to write the passwords down you should avoid including the Web site or other identifying information, obviously…)

Click here for the full story