KeePassX

My use of rather feeble passwords has been on my mind of late. Following a recommendation I have tested out the free and open-source KeePassX application. This runs on multiple platforms including OSX, mobile phones or a portable application from a USB stick. It's rather neat to be able to update passwords on my Macmini and then copy the same encrypted password file to my trusty Sony Ericsson K750i for use on the go.

It works as a pretty standard encrypted password wallet but the feature I've enjoyed most is the automatic password generation. This means I can generate random passwords with various options as to whether to include uppercase, lowercase, numbers and odd characters. For most online applications where I might login from someone else's PC I have switched over to using a 16 character random mix of uppercase and numbers on the basis that I might have to type it in by hand. For my various other sites, particularly those that remember my credit card details, I have used 25 character or more random mixes of uppercase, lowercase and numbers. Due to a vague concern about personal data, I have whacked on a human unfriendly 50 character password to my Facebook and Evernote accounts. Okay, in the latter case I could type in the 50 character password by reading it off my mobile phone but I really cannot imagine having to log in to a strange or temporary computer to access these applications.

It seems odd that some websites that store your credit card limit passwords to a crackable 12 characters. I have one such site but I'm using a fully random password with special characters.

As it feels a lot easier not to have to remember passwords in my head, I am now far more likely to change passwords after, say, logging into my Amazon account while on holiday from an internet cafe.

Sites:
http://www.keypass.info
http://www.keypassmobile.com