Skip to main content

Storing Passwords Securely

This is probably a problem that others have encountered, so I thought I'd address my solution here...

If you work on a lot of different websites, you tend to have a lot of username/password/etc info that you need to keep track of somehow. You can try to remember them all, or use the same info for each - the potential problems with these two approaches are obvious.

What is needed is some way to store this info securely and ideally across different computers, and with an eye towards keeping it backed up - obviously losing all the passwords to your clients' websites would not be a good thing! The only worse thing would be having that information fall into the wrong hands.

My current solution makes use of two free pieces of software. The first is Dropbox - a free cloud-based backup/sync program. Essentially, it sets up a folder on your computer, and anything in that folder is backed up to their server and sync'd with other machines with dropbox that are connected to your account. You can have up to 2 gigabytes for free.

The second piece of software is Password Safe, an open source program that lets you store passwords very securely. The program must be "unlocked" using a password, and the data is stored securely in a small encrypted file.

To make this work, just set up a password safe file for your info, and save it in your dropbox folder. Problem solved! It's automatically backed up and synced with your other machines. The only (very small) problem I've had is that dropbox can't back-up the password while it's in use by password safe - so be sure to shut the program down totally when after you've used it, and you're all set!

Comments

Popular posts from this blog

Another VI tip - using macros, an example

God I love VI. Well, actually, vim but whatever. Here's another reason why. Suppose you need to perform some repetitive task over and over, such as updating the copyright date in the footer of a static website. (Yes, yes I know you could do a javascript thing or whatever, just bear with me.) Of course you could just search and replace in some text editor, changing "2007" to "2008" (if you're stupid) - and you'll end up with a bunch of incorrect dates being changed, most likely. What you need to do is only change that date at the bottom. And suppose that because of the formatting, you can't use the "Copy" part of the string in a search replace - perhaps some of the pages use "©", some spell out "Copyright" etc. This is where vi macros come in handy. A macro in vi is exactly what you expect, it records your actions and allows you to play them back. To start recording, press q followed by a character to use to "stor...

Using FIle FIlters in FileZilla

Here's a handy tip for situations when you want to download a large number of files - but only of a certain type. For example, perhaps you want to download all the PHP files from a largish website, scattered through many subdirectories. Perhaps you're making a backup and don't want any image files, etc. FileZilla (still the best FTP in my opinion) has a handy feature called filename filters - located under the Edit menu. Here you can set various filters that filter out files based on their filename. Took me a minute to figure that out - you're saying show only PHP files, rather you're saying filter out files that do not have ".php" as their suffix. For some reason, that seems a little backwards to me, but whatever. It works quite well. You can also check whether the filter applies only to files, only to directories - or both. In this example, you'd want to check only files, as otherwise you won't see any directories unless they happen to end in...

Great google article

Over on Maximum PC - there were a few things I didn't know you could do with the various Google apps. One is uploading files to google docs - any file. Which ties in well with my previous post about storing passwords - I uploaded a copy of my password safe file to google docs as a backup. Can't hurt, right? Also, I wasn't aware that you could set up forms in google docs that act as surveys, and then store the results in a google docs spreadsheet. This is a little alarming, as a decent amount of my work involves coding up custom surveys similar to this...