Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.



Better Security through Password Management

By Joe Moran

Last time, we looked at two commonly overlooked router-related passwords that can leave your network vulnerable if not configured properly. But it's not just the seldom-used passwords many of us neglect — there are plenty more passwords that we use far more frequently (particularly for Web sites) and also pay scant attention to.

More on Passwords

Stuck for a definition? Look it up at Webopedia:

On any given day, we may have to use many different passwords. Most of us are at least somewhat aware of the guidelines for proper password creation and use, but few actually follow them. (We won't rehash them here, but for a good explanation check out an earlier installment of this column. The problem is that even one "good" password is hard for most people to remember, never mind four, six, or ten.

Therefore, where passwords are concerned, we tend to do exactly the opposite of what we're supposed to—come up with the shortest password allowed, use the dog's name, use that same password for everything, and change it only when forced to (usually from something like baxter to baxter1).

If you lack a photographic memory but would still like to follow better password practices, here are two tools that can help you do it.

KeePass

KeePass is a free, open source utility that gives you a centralized place to store, organize and manage all of your passwords. You can find it at http://www.keepass.info/news/n080112_1.html.

Once you've installed the software and it's up and running, choose "File" then "New" to set up a password database. Next, enter a Master Password in the space provided. This password will control access to the utility and it can also be the root of every other password you manage with KeePass, so make sure you create one that's a decent length. (As you type the software will report the bit strength of the key and the color indicator beneath will go from reddish to green as you add characters). You can click the button with three dots to view the characters as you type, and you should make a written record of the password before you type it in the second time for confirmation.

After your database is set up, you'll see are a number of login categories listed, such as network, Internet, and e-mail. To create a new password entry for a category, highlight it and right-click the empty space on the right side of the window. In the "Add Entry" window, give the entry a recognizable name and then enter your user name and password where indicated. The password field will automatically include your master password, which you can build off of or clear from the field and type whatever you want to use. Then enter the URL of the site in question.

What's That Term?

Not sure what a particular networking term means? Check out our searchable glossary.

To help visually distinguish between entries, you can change the icon each will display using the button in the upper right. If you put a check in the "Expires" box and specify a date or time, KeePass will indicate the password as expired after that point and display its entry with a red X. This doesn't mean your password will stop working, but rather serves as a reminder of when to change the password.

Now that we've created an entry, let's see how to use it. When you right-click an entry, you'll get a context list of actions to perform. For example, Open URL will open your browser to the site specified. If the site's main page doesn't contain the actual username and password sign-in fields, you should modify the entry to reflect the URL that does (for example, it might be www.site.com/login).

When the browser's open to a site's sign-in page, you can click and hold the user name part of the KeePass entry and drag it into the matching field on the page, where the information will automatically be filled in. Repeat the process for the password and click the site's sign in button and you'll have logged into the site without having to do any typing.

Another and even more convenient option is to use the KeePass Auto-Type feature. With the site's login screen open, right-click its entry and choose Perform Auto-Type. This will automatically send the username to the first field, then send a tab keystroke, then send the password to the second field, then an enter keystroke, effectively letting you log in with a single mouse click.

KeePass includes a built-in password generator, and if you'd rather not need to remember even a single master password, you can use a key file instead. KeePass obviously is ideal for those using a single PC, but if you frequently use more than one computer, you can download a portable version that doesn't require any installation and can be kept on a USB key.

Clipperz

If you want a way to manage passwords without software that's tied to a particular PC or having to carry a USB key around with you, check out Clipperz, an online password manager that works with Internet Explorer or Firefox. Clipperz consists of a Javascript application that encrypts your information on your computer before transmitting it to the Clipperz servers, which prevents either Clipperz or another party from accessing your stored data.

To create a Clipperz account, click on the Register button in the upper right corner of the page. Just like KeePass, Clipperz will give you feedback about the strength of your password through a color indicator (you'll have to use at least 22 characters to make it to green). For obvious reasons, Clipperz doesn't keep a record of your passphrase, so they can't be of any help if you forget it. Therefore be sure to write it down somewhere in a secure place (and we don't mean on a Post-It Note stuck to your monitor).

Once you're at the Welcome to Clipperz page, click the tools tab (upper right) and then the Bookmarklet link (left margin), and add the Clipperz bookmarklet to either Firefox or IE using the instructions shown.

Now point your browser to a site's sign-in page and click the "Add to Clipperz" bookmarklet. This will open a small window containing the code for the login process. Copy this code to your clipboard using the mouse or Ctrl-C, then click the "Cards" tab and the "Add New Card" button. Paste the code you just copied into the Direct login confirmation box, Click "Direct Login" just above that, and then click the "Create" button. Finally, fill in the fields for your user name and password, and click the Save button.

The entry you just created should now be listed under the Cards and Direct logins heading. Clicking the latter will automatically log you into the site, while selecting a card and then clicking "Edit" will let you view or modify the information saved for that site.

Both KeePass and Clipperz can help you use stronger passwords without having to commit endless strings of gobbledygook to memory. Of course, this is just a basic look at how these tools work; for information on additional features and capabilities for each be sure to check the KeePass help file or the Clipperz online documentation and FAQ. Last but not least, if you decide to keep using either one, consider making a donation to the developers (both accept PayPal).

Joe Moran is a regular contributor to PracticallyNetworked.


For more help, don't forget to try one of our PracticallyNetworked Forums.

Add to del.icio.us | DiggThis




Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums