13 Jan

Password Managers


Passwords: it seems almost every place you go online requires a username and password. Security experts emphasize the importance of not using the same password for multiple logins, to lower your risk in case one site is compromised. So, you try to do your due diligence and create a password scheme for the sites that you need to log into. This scheme works for a while, until the site makes you change your password every 60, 90 or 120 days. There are always some sites that you do not log into that often, and you can't remember if your scheme appended an incremental number or even a letter to the end of the last password. So, like me, you are no stranger to the “Reset Password” link.

This used to be my routine until I decided to use a password manager like KeePass or Password Safe. A password manager keeps your credentials in an encrypted file that the application can open only by using the password to decrypt the contents of the file. Using one of these password managers, I create a single strong password that consists of upper- and lower-case characters, numbers and special characters. I even make this password greater than 12 characters long just to make brute force that much harder. After creating the password file, I then create unique passwords for the sites that I have to log into and save them in the password file. These passwords can be very complex and long, and most of the time I have the password manager application randomly create a password. This way I know I have reduced my attack profile by having complex passwords that are different for each website, and I only have to remember a single password.
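The workflow above, sketched as an added example (it is not code from this post, KeePass or Password Safe): a master password is stretched into a file key, and each site gets its own random password drawn from all four character classes. The function names and the `.example` site names are hypothetical, and scrypt is used here as an assumed stand-in for whatever key derivation a real password manager applies.

```python
import hashlib
import math
import secrets
import string

# Character classes named in the post: upper, lower, digits, specials.
CLASSES = (string.ascii_uppercase, string.ascii_lowercase,
           string.digits, string.punctuation)
ALPHABET = "".join(CLASSES)


def generate_password(length=20):
    """Random password from a CSPRNG that contains every character class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every class")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Rejection sampling keeps the choice uniform over valid passwords.
        if all(any(c in cls for c in candidate) for cls in CLASSES):
            return candidate


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound on brute-force work: log2(alphabet_size ** length)."""
    return length * math.log2(alphabet_size)


def derive_key(master_password, salt):
    """Stretch the master password into a 32-byte file key (scrypt, assumed)."""
    return hashlib.scrypt(master_password.encode("utf-8"), salt=salt,
                          n=2**14, r=8, p=1, dklen=32)


def build_vault(sites, length=20):
    """One independent random password per site (hypothetical helper)."""
    return {site: generate_password(length) for site in sites}


if __name__ == "__main__":
    salt = secrets.token_bytes(16)  # stored beside the file; not a secret
    key = derive_key("constructed master passphrase!", salt)  # sample value
    vault = build_vault(["mail.example", "bank.example", "forum.example"])
    for site, pw in vault.items():
        print(f"{site}: {pw}  (~{entropy_bits(len(pw)):.0f} bits)")
    print("file key:", key.hex())
```

The entropy figure only holds for randomly generated passwords; a human-chosen 12-character password has far less, which is why the key-stretching step matters for the master password.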

Join in next week on The O and I’ll discuss how I keep this password file in sync between my laptop, desktop, and mobile devices so I can log in while I’m not in front of my normal computer.



Mark Lawrence joined Orion Security Solutions as the Senior Vice President of IT Security. Mark will build on Orion Security Solutions' "layered" security methodology as more technical security devices are connected to an Internet Protocol network.



Mark formerly worked with the United States Department of State as a Security Engineering Officer with the Bureau of Diplomatic Security Service (DSS) for eleven years. Mark joined Diplomatic Security from North Carolina State University, where he obtained his Master of Science degree in Computer Network Engineering and his Bachelor of Science degree in Biological Life Sciences with a minor in Genetics. Mark also interned with Cisco Systems in Research Triangle Park while he was studying for his Network Engineering degree. Mark received advanced computer security training from the Department of State, including forensics, vulnerability scanning, computer security assessments, information assurance (including systems certification and accreditation), and compliance and auditing.