Using a password vault or a password safe can provide some ease and can simplify our lives nicely. However, what is the point of saving all these passwords when we can just type it in – or use Firefox or Opera to do it for us?
Let’s look at several and consider what they offer – and the hidden surprise that makes them most valuable. There are several that are worth considering depending on your environment – Apple’s Keychain, GNOME’s Keyring, KDE’s Kwallet, KeePass and KeePassX, and Passpack. The first three belong to that set of tools that provide for password vaults that are unlocked when you log into your computer. As long as you are logged in – and perhaps only until the screen saver kicks in or you log out – these tools will be active and your passwords automatically available.
KeePassX is part of a small set of tools that provide this capability, though in a cross-platform way.
Lastly, PassPack is an online password vault which is easy to use and provides for exports to other systems like KeePassX and its ilk.
What is it that provides a surprisingly high level of security with the use of these vaults? Simply this:
You can generate random passwords of arbitrary length that you need not even try to remember.
This is very powerful. Passwords no longer need to be memorized: so why try? The passwords can be generated by the associated password generator, and then copied or otherwise placed into the password field of whatever process is requesting authorization.
There is no pattern which makes it easier to crack – no combinations of words, numbers, etc – just pure randomness (or as close as one can get on a non-random entity like a computer).
Once you have a tool like a password manger in place, you can use a different password – a random password – for every site and every location that a password is needed.