Security notes

Passwords, Keepass and Dropbox

Strong passwords are key to your on line security.  To prevent a hacker who has compromised one system accessing all your accounts, a password should not be re-used in multiple accounts, e.g. for both your online banking and your email.  CIBC , TD, ScotiaBank, BMO CoastCapital and others describes how to protect your passwords and identity here.  AThese two conditions lead to multiple passwords that are hard to remember.  Using a weak password that is easy to remember is an unwise choice.

CIBC describe practices that This leads to In this Keepass is a password manager that has versions that run on many platforms, including Windows, Apple OSX, Android phones and tablets, and linux.   It stores passwords in an encrypted (jumbled) database that can be safely put on insecure flash drives, insecure cell phones, insecure laptops any of which can be lost without fear of revealing the passwords.

Keepass is a free, open source program.  It does not store your passwords on their  company’s servers.

By putting the database in internet storage like Dropbox or Google Drive, updates made on one device are synchronized to all your other devices.  See

Or you can put a portable version (version 1) on a portable flashdrive that fits in your wallet: See and then add keepass from the security section

I recommend you use version 2 of drop box.  (Version 2 depends on dotnet on windows machines, or mono on other platforms.)

Which passwords and usernames must you commit to memory? You can get by with memorizing only the master keepass password.  This should be at least 12 random characters / letters / punctuation long.  If you use a pass phrase, made up of words, use at least 5 random words.



Leave a Reply