Share

Follow Us

Passwords

Enter Password

Passwords; we can't seem to get away without them, as they are currently the standard way of protecting our digital data.  Even with passwords, personal data can still be at risk.  There are two main ways that hackers can get past a password defence.  Firstly, if you use a weak, or easily guessed password, a hacker can guess, or use brute force, to come up with your password.  The other way is when attackers hack the computer system of a company or organization, and steal all of the users passwords.

To minimize the first type of attack, it is important to create and use strong passwords.  While this does not guarantee that a determined hacker won't be able to break through, it helps to reduce the chances.  For the second type of attack, there is not much an individual can do to prevent a hacker from stealing their password from an organization, but there are ways to limit the impact.  The main thing is to ensure you don't use the same password for different sites or accounts.  Once a hacker has stolen passwords for one site, they will try to use those same passwords on other sites.  Another way to thwart hackers is to change your passwords regularly and if you hear of a site or organization being hacked, change your password immediately.

Strong Passwords

To help create Strong Passwords, use the follows list of Do's and Don't.

Do's

  1. Use a password with at least 8 to 10 characters. The more characters in the password, the more combinations there are, making it more difficult to hack it. For example, if a password only has upper case letters, a four character password would have approximately 450,000 combinations, if it had six characters there would be approximately 31,000,000 combinations, and if you use 8 characters, there would be approximately 210,000,000,000 combinations.
  2. Use a combination of numbers and letters, and use a mix of UPPER and lower case letters.  This also increases the number of combinations. For example, if a four characters password only uses upper case letters, there would be approximately 450,000 combinations, if it uses both upper and lower case letters, there would be approximately 7,000,000 combinations, and if numbers were included as well, then there would be approximately 15,000,000,000 combinations.
  3. Add a special character. This again increases the number of combinations, and reduces the risk of a dictionary attack.
  4. Change your password every few months.  This way, if your password has been discovered, it will eventually be changed and the hacker will again be out of luck.
  5. To help create passwords that you can remember, use a phrase you can remember, and then take the first letter of each word, then append a number to it.  For example, the phrase: This is a password phrase could give a password like: Tiapp123.
  6. Use a Password Manager, like PWMinder Suite, to help you remember, and keep track of your passwords.

Don'ts

  • Don't use password or 1234 as your password (you'd be surprised how many people do that).  See this cnet article for more examples.
  • Don't write your passwords down, or store them un-encrypted on your computer.
  • Don't use a word or name that is personally associated with you, such as a family member's name, birth month, city born, etc. If a hacker can find information about you, they will try to use that information to guess your password.
  • Don't use common words. These are easily cracked using a dictionary attack, where hackers will attempt to find your passwords buy trying all words in dictionary list of common words.
  • Don't use the same password for all of our account and websites.  If one of your passwords were to be exposed, then the hacker would immediately know the password for all of your other account and website.

Two-Factor Authentication

Two Factor Authentication Using strong passwords is a good start, but there is still a chance a hacker will get a hold of it, either by guessing, using brute force, or more likely stealing it from the database of the website you log in to.  To add an extra layer of protection, several prominent web sites are now employing two-factor authentication.  The basic idea of two-factor authentication is that in order to log in, a Web Site will ask for something you know and for something you have.  Typically the something you know is your typical password.  The something you have is often your mobile phone.  After entering your password, the web site will send a one time use code to your mobile phone, often as a text message.  If this code is not used within a short period of time, it will expire.  In this way someone trying to log in as you, will need to know your password and be able to receive a text message on your phone.

Two-factor authentication can be tedious, but most sites have a setting that once you have logged in once, using two-factor authentication, you can set it to remember that computer as trusted, so you don't need to go through the process every time.

Not all Web Sites offer two-factor, but several major ones do, such as Google, Facebook, PayPal, Twitter, LinkedIn and Dropbox.  If you use any of these site I would highly recommend setting up two-factor authentication.

With the development of new features, changes to the data structure of the Repository may need to be made.  Updates to the various products need to be made to work with these changes.  Repository files have a version, that gets upgraded as changes get made to the structure of the data.  The version of the Repository does not necessarily coincide with the version of the individual products.  The table below lists the history of the Repository versions and the corresponding version of the products that are compatible with it.

 

Repository VersionDesktop VersioniOS VersionAndroid Version
1.0 1.0.x n/a n/a
2.0 2.0.x n/a n/a
2.5 2.5.x n/a n/a
2.6 2.6.x, 3.0.x, 3.1.x 1.x.x 1.x.x

 

Older Repository files can be upgraded, using PWMinder Desktop, for example, you can upgrade a version 2.0 or 2.5 Repository to 2.6 using either PWMinder Desktop 2.6, or 3.0 or 3.1.

Locked Files

PWMinder stores all of the passwords and other information in a Repository.  This Repository is saved in a file with a .pwm extension.  A Repository file, is just like any other file on your computer or smart phone, an can be copied, moved and/or deleted.  This makes it very easy to manage your Repository(ies); you can easily move the file from one computer to another, or copy it from your computer to your smart phone.  Repository files can also be stored on Dropbox, making it easier to share your passwords across computers and devices.

Password Repository Icon

Within the PWMinder Suite of products, a Repository is the central storage place where all of your password records are stored, kind of like a safe.  You give the Repository a name and description, and secure it with a Master Password.  Each password Record, in the Repository is grouped into a Category, to make it easy to organize your various password Records.  PWMinder comes with a set of standard categories, but using PWMinder Desktop you can create as many custom Categories as you want.

Repositories are compatible between all of the products within the PWMinder Suite; so that a Repository created using PWMinder Desktop can viewed and edited using iPWMinder, PWMinder Android, etc.

You can manage more than one Repository of password records.  This is very useful in case you would like to have a separate Repository for home passwords and work passwords, or would like separate Repositories for each person in your family.

Each Repository has it data stored in an encrypted file and often this it referred to as the Repository file.  Each Repository has its own Repository file.  Because the Repository stored as file, it make it easy to copy, move and back up your data. Repository files can also be used with Dropbox, making it even easier to access and sync you password data across you devices.

PWMinder is a suite of Password Management applications that run on a variety of platforms and devices.  Currently there are applications available for Windows PCs, macOS, Android and iOS.

Personal security and privacy are becoming more and more of a concern, and a day doesn't seem to go buy without news of a new security breach, or news of another major online business being hacked.  Nearly every web site, online store, social networking site, etc. asks you to create a login and password.  The passwords you use, should not be easily guessed, and you should never use the same password on more than one site (in case that site gets hacked, and your password gets exposed).  It is hard, however, to follow these rules, because it is nearly impossible to remember dozens of unique cryptic passwords.  The best way to deal with this, is to use an effective Password Management System, like PWMinder.

Because PWMinder is available for many platforms and devices, it is easy to have access, and to manage your passwords where ever you are.  Using Dropbox as the storage location for your password repository files, makes it even easier to keep all your passwords accessible and in sync. Dropbox has recently migrated from API v1 to v2, which provides many improvements 'under the hood', and all PWMinder products have been updated to work with the new Dropbox API v2.

PWMinder Suite of Products

 

An easy to use Password Manager for Windows and macOS.

Price: $30.00 USD

A convenient and easy to use Password Manager for Android devices.

pwm android nexus5

Price: Free

A convenient and easy to use Password Manager for iOS devices.

iPWMinder on iPhone 6

Price: $1.99 USD

Subcategories

Category for all PWMinder Desktop pages.

Category for iPWMinder pages.

Category for all PWMinder BlackBerry pages.

Category for all PWMinder Android pages.

  

This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

View e-Privacy Directive Documents

You have declined cookies. This decision can be reversed.

You have allowed cookies to be placed on your computer. This decision can be reversed.