Wednesday, November 26, 2008

Will a password manager let me check my email in a cybercafe?

In my last post, I said that it's basically impossible to know you're safe when using a public computer to access password protected sites (including your email), since your account information including password could be captured by a keylogger. Now I'm trying to find out if password managers provide enough security to let me go ahead and log on to my gmail account or even my bank account (now that won't happen any time soon!).

Secure password managers such as RoboForm, PassPack, and ClipperZ may allow us to safely access our password-protected accounts on a public computer. It seems to be generally accepted that they do provide protection. I'm trying out the three products above (all have a free version) but will avoid putting any financial or really important passwords online until I find out more.

These products all work by encrypting your passwords so that no one else can read them, then storing them somewhere. Offline password managers like RoboForm store your encrypted data on your own computer or a flash drive that you can take with you to another computer. PassPack and ClipperZ are online password managers. They save your encrypted passwords (and only the encrypted form) online so you can retrieve them from anywhere you have internet access. They also give you a way to save the information on your own computer for when you don't have a connection.

It sounds quite promising and the products are well-established. I just want to learn a little more to be sure that there aren't any known ways that malware could copy my passwords even if I don't physically type them.

1 comment:

  1. Glad to hear you are trying out Passpack. Drop me a line if you have any questions:

    Louise (Passpack)