1 / 24

Password Managers

Password Managers. What is a Password Manager?. A tool that stores logon names, passwords, PINs other items related to Web and program logons. This data is stored in an encrypted file and is accessed with a "master" password.

geona
Télécharger la présentation

Password Managers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Password Managers

  2. What is a Password Manager? A tool that stores logon names, passwords, PINs other items related to Web and program logons. This data is stored in an encrypted file and is accessed with a "master" password. Program and database can be portable – some can be run from a USB flash disk or CD.

  3. What do they do? Create an encrypted database file to hold the logons and passwords. Accept entry of logons/passwords for each web page or program for which you need a logon. Allow either manual or automated retrieval of logon data. Logon data can be "auto-typed" into the entry boxes on a web page.

  4. Types of Password Managers Desk top – installs on hard drive, database on hard drive. Portable – resides on smart phone, tablet, PDA or flash drive. Web based – database is stored on the providers server on the web. Integrated – web browsers that contain the capability of gathering, storing and retrieving logons and passwords.

  5. Internet Explorer: Remember Passwords Open Internet Explorer. Open the Internet Options screen. Select the Content tab. In the AutoComplete section, click the Settings button. Check the boxes for "User names and passwords on forms" and "Ask me before saving passwords". Click OK. Thereafter: Whenever you enter the same user name on the same web page, the password will automatically be entered into the password box. If the password is auto-filled into the box and you change it, you will be prompted to save the new one or not. These passwords are saved in the windows registry files and are NOT SECURE.

  6. Firefox: Remember Passwords Open FireFox: Click open the FireFox menu, upper left. Click Options, right column. OR Click on Tools from the menu bar. Click on Options. Select Security tab. Under Passwords. Check "Remember passwords for sites". Check "Use a master password". Enter a master password for the file (twice), click OK.

  7. Firefox: Remember Passwords Thereafter: When you open a web page that requires a logon and password: If you have previously saved these, they will automatically be entered into the appropriate fields, and you will be logged on. If you have not previous saved these, you will be prompted to do so. You will be required to enter the "master password" you entered when you created the database file.

  8. Firefox: Remember Passwords To change your master password, click on the "Change Master Password..." button. Enter the current password. Enter the new password (twice). Click OK. If, while adding a password, you selected "Never Remember Password for This Site", that site will be listed when you click "Exceptions..." button. You can remove these from that list.

  9. Firefox: Remember Passwords To disable saving of passwords, in Firefox, navigate to the Options/Security screen as before. "Remove All" from both the Exceptions... and Saved Passwords... screens. Uncheck "Remember passwords for sites". You will not be asked to save passwords again.

  10. Free Password Managers Examples of recommended free password managers: LastPass LastPass Corp. https://lastpass.com/ LockCrypt open source http://www.lockcrypt.com/ 1Password AgileBits https://agilebits.com/ Password Safe open source http://passwordsafe.sourceforge.net/ My favorite: KeePass open source http://keepass.info/

  11. Passwords Some references on how to choose safe passwords: http://www.microsoft.com/security/online-privacy/passwords-create.aspx http://www.aarp.org/technology/how-to-guides/info-03-2011/create-strong-passwords.html http://www.thegeekstuff.com/2008/06/the-ultimate-guide-for-creating-strong-passwords/ Length Complexity Add UPPER CASE, numbers, special characters Character replacement – Leet (for elite): The following table shows possible substitution characters that “look” like the letters they are to replace. Any, or none, of these can be used, but it's probably better to be consistent with which characters you use. Those in red in the table are more obvious.

  12. Leet alternate characters

  13. Download and install LastPass on your computer. https://lastpass.com/ Create an account and enter a master password. This password is not transmitted to the LastPass web site, it is used to encrypt the transmissions to/from LastPass. LastPass DOES NOT KNOW YOUR PASSWORD. You must keep it. LastPass looks for saved passwords on your system and allows you to select (or de-select) them for inclusion in the encryption. LastPass puts an icon on your browser showing if you are logged on or not. LastPass

  14. If you are logged on, when you enter a logon/password to a web page, LastPass will prompt you to save it or not. If you have saved the logon/password, whenever you open that page again, the logon name and password will be filled in. You may elect to have LastPass "auto-logon" whenever you go to that page. Additional features: Password generation. Import/export from/to other password managers. LastPass

  15. KeePass To install KeePass: Open the web page: http://keepass.info/download.html To install on your Windows machine: Click on the first link on the right column (KeePass 2.nn (Installer EXE for Windows)). Download and install program. To load the stand alone version that can be run from a USB flash drive or CD: Click on the second link on right column (Portable KeePass 2.nn (ZIP Package)). Download and unZIP files to appropriate location.

  16. KeePass Run KeePass for the first time: Click OK on the "...file could not be found" message. Blank KeePass screen comes up. Click File/New. Name and locate new KeePass database file. Master Key. Enter Master password (twice).

  17. KeePass Master Key: (cont.) Check Key file. Click "Create" button: Name/locate key file. Same name and location as KeePass database file (that's the default). Left pane – move cursor around box until bits = 256. Right pane – fill with random characters. Click OK. DON'T use Windows user account. Click OK. Database Settings. Let's accept the defaults for now. Click OK.

  18. KeePass Select category. Select Edit/Add Entry... Title – your name for the web site. User name –logon user name or email. Password – password you will use. Enter the existing password for the logon or use: Add entries: Password generator to create a new one: Select length. Select characters. Advanced options. Preview samples. Click OK. Check Quality.

  19. KeePass Add entries: (cont.) URL – copy URL of web page that has logon. Note – additional info: questions/answers, PINs. Click OK.

  20. KeePass To use KeePass: Drag and Drop process: Open KeePass. Select an entry. Double click on URL field in that entry – web site will open. Drag User Name and Password to appropriate boxes. Press <Enter>or click the logon button. If there are additional prompts/questions, find their answers in the Notes section of the KeePass item.

  21. KeePass Auto type process: Open KeePass. Select an entry: Double click on URL field in that entry – web site will open. Press: <Crtl><Alt>A. This should fill the logon name and password fields and enter a <Enter>. If it does not auto-fill: Check to see that the cursor is positioned on the Logon name If not, put it there. Check that words in the Title are contained inthe URL. Check to see that there are any other fields/pages involved in the logon process of that site. If so, try to build auto-type sequence that will work.

  22. KeePass Maintenance Move to new location – portable installation only: Move or copy all the files in the KeePass directory to the new location. You can keep the two databases synchronized by using: File / Synchronize... / Synchronize with file... and selecting the destination file to synchronize to. That is, data in the currently open file will be copied to and overwrite data in the destination file. Synchronization will allow you to run your primary KeePass database on your computer and have a portable copy on a flash drive to which you synchronize periodically.

  23. KeePass Backups Regularly backup the database and key files: xxx.kdbx (or possibly xxx.kbd for older versions). xxx.key (if you have created a key file when entering the master password). By default these will be located: For installed version of KeePass: C:\Users\{username}\AppData\Local\KeePass For portable (not-installed) versions: In the same directory where KeePass was unZipped.

  24. END

More Related