I had a situation where a friend's PASSWORD (singular) was hacked. He lost control of his email accounts, facebook, and several other things (luckily not his bank accounts). I wanted to share with you all, in case it is helpful for someone out there, how I manage my passwords in a secure way.
I use KeePass and Dropbox to manage my passwords.
I chose to do it this was because 1) Its free 2) I get multi-platform support 3) I control the encryption without having any other outside company holding the 'key' to my encryption [I'm not that paranoid, but it is an additional benefit worth noting].
I have a KeePass database (my 'password vault' as I call it) with a very strong password. I then have that database file on Dropbox (and in fact, I have the entire KeePass application in Dropbox as well as a Portable app so I can have my configuration settings, etc. synced as well.) This covers syncing my passwords in a secure and encrypted way to my PCs.
Then, I use KeePassDroid on my Android devices. I use DropSync (which acts like the 2-way syncing of the desktop Dropbox app) to sync the 'password vault' to my device. Whenever I update a password and save the password database, it then gets synced to my other PCs and my Android devices. The database is there but encrypted so I just have to enter my strong password each time I need one and then I get access to all of my passwords. On some of my devices that I don't use as regularly for things where I'll need passwords, I just use the Dropbox app to open the password database on an as-needed basis.
One of the nice features of KeePass, which I'm pretty sure some of the others have as well, is the ability to generate a random password for me. I can specify how 'complex' I want it to be, etc and it makes it for me. This way I don't ever have to remember my password and it makes it nearly impossible to guess what the password actually is.
You can also accomplish basically the same setup using Google Drive or Copy.com.
There are other companies out there, like LastPass, mSecure, etc, which offer great products as well (some of which cost money though). This is simply the route I chose to go. Like I said - a little more complex to get set up, but I'm very happy with the setup now that I've done the initial legwork.
The point of all of this is though - KEEP YOURSELF SAFE! Have STRONG passwords and NEVER, NEVER, NEVER use the SAME password for multiple things!
I use KeePass and Dropbox to manage my passwords.
I chose to do it this was because 1) Its free 2) I get multi-platform support 3) I control the encryption without having any other outside company holding the 'key' to my encryption [I'm not that paranoid, but it is an additional benefit worth noting].
I have a KeePass database (my 'password vault' as I call it) with a very strong password. I then have that database file on Dropbox (and in fact, I have the entire KeePass application in Dropbox as well as a Portable app so I can have my configuration settings, etc. synced as well.) This covers syncing my passwords in a secure and encrypted way to my PCs.
Then, I use KeePassDroid on my Android devices. I use DropSync (which acts like the 2-way syncing of the desktop Dropbox app) to sync the 'password vault' to my device. Whenever I update a password and save the password database, it then gets synced to my other PCs and my Android devices. The database is there but encrypted so I just have to enter my strong password each time I need one and then I get access to all of my passwords. On some of my devices that I don't use as regularly for things where I'll need passwords, I just use the Dropbox app to open the password database on an as-needed basis.
One of the nice features of KeePass, which I'm pretty sure some of the others have as well, is the ability to generate a random password for me. I can specify how 'complex' I want it to be, etc and it makes it for me. This way I don't ever have to remember my password and it makes it nearly impossible to guess what the password actually is.
You can also accomplish basically the same setup using Google Drive or Copy.com.
There are other companies out there, like LastPass, mSecure, etc, which offer great products as well (some of which cost money though). This is simply the route I chose to go. Like I said - a little more complex to get set up, but I'm very happy with the setup now that I've done the initial legwork.
The point of all of this is though - KEEP YOURSELF SAFE! Have STRONG passwords and NEVER, NEVER, NEVER use the SAME password for multiple things!
