Do you reckon password keeper apps are secure?

[WeeShuggy]

I am so bloody sick of forgetting passwords. I have a few systems in place and I still can never remember the ones I don't use frequently. I've just failed to move a direct debit to my new account because I have NO IDEA which of the million variations on a theme it is. Grrr.

So, if I use a password keeper app, will I be rid of password frustrations forever? Or will some scally rob my phone and clear out my bank accounts?

I wouldn't use one on a mobile phone. I allow Firefox, Opera, and Google Chrome to keep track of some of my passwords, but they have varying levels of security...

Chrome only shows one at a time.

Opera (AFAIK) doesn't ever show them again.

Firefox can show screen after screen of all my (200-300) username/password combinations (yes, most are unique, and mnemonic, but handy to have a copy for my family to use, filed in case I am hit by a train). There's a 'master password' (which I must admit to not using) on FF.

I don't use MS Internet Explorer enough to care! (With so many attacks on MSIE, it seems a risk to ever trust it with passwords).

Thanks WebDude, as always, you are most helpful.

I use Firefox sometimes. How does it keep track of passwords? Do you mean there's a password keeper in there somewhere, or just the usual 'tick the box to remember me on this computer'?

And I'm not even sure what Opera and Chrome are .

All modern web browsers have a password manager and you can set a master password to make it harder for anyone with access to your machine to get into your passwords.

I also use KeePassX on my PCs. It includes a password generator, I can use it on Windows and Linux and copy my password databases between machines.

Make sure you use a strong master password on any password manager that stores important passwords.

Opera and Chrome are just two other browsers. I also use Netscape Navigator (another one, which was before Firefox from the same Mozilla people) but there are dozens and lots I have never touched, for Windows/ Mac/ linux.

On Firefox, when you tick the 'remember it' box, it will be saved internally. If you look at Tools / Options and check Security (I think - I'm not using it this minute so could be wrong) you'll see a button marked 'saved passwords')

Click the button and a new window appears showing a list of websites and username(s) [in case you have more than one user for a particular website]. You have to click another button and confirm you want to see the passwords to get it to display three columns.

You can sort the information (eg by username) by clicking on the column heading. So you could check if you have the same username on too many sites...

All too many people are conned into 'registering' for some site and use the same combination of mail address and password or username and password. One example was where a BBC reported got a message on FaceBook saying there was a funny video of him...

The link needed him to register and by doing so, he gave away his mail address and password, and that info meant his mail address could be accessed. Once into his mail, it would be possible to find out which bank he uses, and by extracting lists of contacts, start attacks on other people to see if they might fall for the same trick.

When he viewed the video, it was of a pirate or something (sorry, don't have the link handy) and clued him up to his having been victim to an attempt/achieved account details 'theft' / intrusion.

I will try to find the link - I might have it bookmarked on another PC as an example for teens not to trust messages about having a funny video clip of them... all too ego- / vanity- / driven that they'd go looking...

hmm, so do you think it's too risky to keep everything in one place and I should just continue as I am, forgetting passwords/usernames willy nilly?

Well, keep them on a home PC, but not on a phone, at least!

Make sure that bank passwords are not duplicated for anything else, and similarly, for wherever e-mail from your bank might end up, (or order confirmations, etc, if you shop online) make sure your e-mail account has a different password.

When it comes to passwords, use a mix with numbers, capitals and lower case letters, and some punctuation too if allowed. I often have some numbers to do with a date or phone number, a hyphen or other character and then some text followed by an exclamation mark or other punctuation.

OK, Thanks for the advice. It is heeded!