|
|
|
|
| Password Safe 1.7.1 | |
 If you're like me, you probably have a lot of
passwords. But who can remember specific numbers? Most of us end up writing the passwords
down (unsafe) or use the same password on multiple systems (really unsafe). Happily,
relief is now available in the best possible form: easy and free.Password Safe, available for download from Counterpane Systems' Web site, is written by Bruce Schneier, president of the Minneapolis-based company and one of the industry's leading cryptography gurus. After collecting all your passwords in a single file, Password Safe encrypts that file using the Blowfish algorithm that Schneier designed in the early 1990s. Thus far, Blowfish has resisted all attacks to decrypt it. In other words, while the National Security Agency might be able to recover your passwords, it's unlikely that anybody else can. Password Safe is downloaded in zip file format, so you do need PKZip or WinZip to unzip the file and install it. The program installs in less than a minute, and requests you to give a temporary password which will then give you access to the decrypted passwords. Adding passwords is simplicity itself. Enter the title of the password (e.g., "WestGroup" if you're storing your password for WestLaw) and follow this action by typing the password in the provided field. Password Safe then encrypts the word but makes it available for use. To use Password Safe, open the program and type in your password. You now have access to all your passwords, organized alphabetically by name. Select the password you need, and the program will transfer it to the Windows clipboard for pasting. (The program lets you copy it by pressing Ctrl-C, double-clicking an icon or by using the Edit menu.) The password will be wiped from the clipboard when Password Safe is closed. This security feature is something you want and need, since anyone using your computer could feasibly recover the password from the clipboard if your machine is on. The downside is that you need to keep Password Safe open until you use the password. If you close the program before pasting the password into the program that requires it, you won't be able to paste it. You also need to be sure to close the program since your passwords aren't protected when the program is open. To ensure security, Password Safe lets you generate your own random passwords. Although you are limited to eight characters, the program generates mixtures of both upper- and lowercase letters and numbers. The eight characters generate a 64-bit key, which is probably adequate for what anybody is doing in law. The program supplies a plethora of possibilities: Eight letters will generate 28 quintillion combinations if your password distinguishes between upper- and lowercase. If not, you'll only have 218 quadrillion or so different keys available. You can also transfer your "safe" filled with passwords from one machine to another by a well-documented transfer routine. You must, however, follow a specific routine. A simple transfer of the file won't work. In creating Password Safe, Schneier has performed a
real service for the increasingly networked world. Passwords and other digital codes such
as credit card numbers or account numbers are becoming more and more frequent. Even small
law firms need to implement password security, and Password Safe does so in a way that's
both secure and easy to use. The only problem most lawyers are likely to find with the
program is that its concepts of real security aren't well-known to most practitioners.
Schneier helps to bridge this gap by providing users with a number of articles and
slide-shows on Counterpane's Web site. |
Counterpane Systems (612) 823-1098 www.counterpane.com Windows 95 Free Reviwed by Joseph M. Hartley, trial lawyer, Hartley & Hartley, Santa Monica, Calif. PROS CON VERDICT
|
| Home | | Issue Archive | Resources | About Us | Contact Us | Subscribe | | Subscribers | Advertisers | Updated 09/19/01 |
