Since the early 1960’s passwords have acted as the de facto shared secret used as credentials to allow users to verify authenticity to a computer to get access to its resources. As these resources grew more valuable an inevitable arms race developed between system owners and hackers trying to usurp the access of others. For over 50 years this has continued, and it is only recently with the pervasive ubiquity of smartphones that the industry has decided that passwords on their own may no longer be the best way to manage identity credentials. The arms race included progress towards best practises such as adding salts to passwords, and calculating hash values that would be stored on the system servers. This reduces the impact of any security breach. Centralised password policies also encouraged the use of strong passwords to make deciphering stolen passwords difficult. The emergence of Single Sign on and Open ID in recent years has served to reduce the need for users to remember lots of passwords, however they have not been adapted that widely particularly amongst those concerned with the obvious privacy trade offs inherent in their use. In reality most of us have hundreds of passwords to manage and we all employ different strategies to manage them.

Password managers have been available for a number of years. Most offer a similar range of features and operate on a broadly similar basis. The user creates one Master password to facilitate access to the password manager, and they can then use the manager to manage their access credentials to the various sites they want to access securely. Features can include password generators, encryption and auto form filling.

However, for some password managers are no longer ‘fit for purpose’, indeed some of the leading providers have been hacked themselves. These resources are designed to educate the reader as to the latest developments in the field of password management.

All Articles

Password management: amateurs hack systems, professionals hack people

To say it in the words of the security guru, Mr. Schneier,“Amateurs hack systems, professionals hack people.” Don’t believe that the typical hacker is the socially awkward 20-something-year-old young man who cannot make eye contact with someone at Starbucks — like Elliot from Mr. Robot. The most successful hackers are truly gifted grifters who can “talk their way out of almost anything” — or better said, “talk their way into anything.”

How can a small business password protect itself

It should come as no surprise that businesses handling any amount of customer data are frequent targets of hack attempts. Hackers may be after credit cards, personal identities, or sensitive company data. The hackers after this information are not typically like you see in Hollywood movies either.

5 password management apps that will work on all your devices

How many online accounts do you have? Now compare that to passwords: You’re likely reusing at least a few less-than-secure ones. The average person has around 130 online accounts and reuses their favorite password four times.

Highly encrypted password management software to secure your passwords

Is there anything on your computer or mobile phone that you want to keep protected from unauthorized access? Who doesn’t? I believe we all have things that we want to keep secure. Even if they are not secrets, but keeping information secure is something that is important to many people today, and set highly-encrypted password is an effective way.

You need a password manager. Here are some good free ones

It’s an interconnected world out there, and while it might be more convenient if one company acted as the gatekeeper for the array of services you subscribe to, overall it would probably mean that the technology of the future would be boring and homogenized.

Guest comment: digital identity is broken. Can we fix it?

Identity fraud and online breaches seem to be dominating the news recently, with Tesco and the National Lottery leading the way. Jeremy Newman, founder and executive director of ShowUp discusses why the password system infrastructure is failing and what needs to be done to eradicate identity fraud once and for all.

Top 5 best password managers

A while ago, all it took to be a great password manager was to keep your passwords in an encrypted vault. Now the best password managers give you the option to sync or keep them local only, change web passwords with a click, log in to sites for you, and more. This week, we’re looking at five of the best options.

Know of a resource that helps people secure their data? Submit it today