Password Safe

“Many computer users today have to keep track of dozens of passwords: for network accounts, online services, premium web sites. Some write their passwords on a piece of paper, leaving their accounts vulnerable to thieves or in-house snoops. Others choose the same password for different applications, which makes life easy for intruders of all kinds.

“With Password Safe, a free Windows 9x/2000 utility from Counterpane Labs, users can keep their passwords securely encrypted on their computers. A single Safe Combination–just one thing to remember–unlocks them all.”

There’s not much more you need to know. When my list of accounts and passwords became too much to memorize, I started keeping them in a little “keyring” file on my PC. First it was just a plain text file (*embarrassed cough*), but more recently I’ve kept the text file in an encrypted zip file. I’ve seen numerous little programs that take care of this password tracking job, but until now I have never found one that a) doesn’t try to do more than I want it to, b) is a pain in the arse about backups and transporting files, c) is inexpensive, and d) comes from a vendor I trust.

Password Safe nails all of these issues:

  1. All that Password Safe does is hold passwords. You give each item in your list a title, a user name, and a password. There’s also a small space for additional notes if you need them. But that’s all it requires: three small pieces of data per password. And once you’ve entered this information, it shows up in a simple list. It’s clean, simple, and elegant.
  2. Your passwords are stored in a single .dat file. The .dat file is encrypted with the Blowfish algorithm. Transporting your passwords between computers is a matter of taking your .dat file with you, running Password Safe on the other computer, and making sure you know the master password (the “safe combination”) to open the file.
  3. Password Safe was originally developed by Counterpane Labs, but it’s now being developed as an open source project. It’s free.
  4. Counterpane Systems was founded by Bruce Schneier, one of the biggest names in computer encryption and security. He invented the Blowfish algorithm. He developed the Solitaire algorithm used in Neal Stephenson’s Cryptonomicon–one of the best fiction books ever written about code-breaking and computer hacking. He has written many other books about cryptography, computers, and privacy. He publishes the monthly Crypto-Gram newsletter about computer security and cryptography. His credentials are beyond reproach. Do I trust this utility knowing that it comes from his company? Absolutely.

Password Safe. It’s the way to go.