How to Manage Passwords Effectively
If you rely on passwords to protect your online identity, you should use a tool to help you remember and use them securely.
Mon, July 01, 2013
PC World —
Remember when passwords were going to die out? Bill Gates told an audience, "There is no doubt that over time, people are going to rely less and less on passwords. People use the same password on different systems, they write them down and they just don't meet the challenge for anything you really want to secure."
That was in early 2004. Nearly a decade later we still rely heavily on passwords, and passwords still suffer from all of the same weaknesses Gates described.
I used to be guilty of recycling the same password across virtually every account as well. The sites and services I use broke me of the habit because the password policies are so different from one to the next that it became very difficult to even find a password that meets the requirements of all of them.
Fair enough. It's a horrible policy anyway. Security best practice suggests you should use different passwords for different sites. Just as you don't use the same key for your front door, car, bike lock, and safety deposit box, you don't want to have the same password "unlock" all of your information. If one site or service is compromised and an attacker gets access to your password, you don't want it to be a universal key to your entire online identity.
Apple recently unveiled details of the new Mac OS X, "Mavericks." It is available onlyA to developers right now, but one of the features Apple is adding is designed to help you choose more secure passwords, and manage them effectively without writing it on a sticky note pasted on the front of your monitor.
iCloud Keychain basically takes the password storage and management features of the existing Keychain feature and moves them to iCloud, where they can be accessed by and synced across iOS devices as well. The Mac OS X system running "Mavericks," and any iOS devices with the upcoming iOS 7 will be able to auto-fill complex passwords from the iCloud Keychain.
That's awesome for users who live and die by the Apple ecosystem, but it won't work for someone using a Windows PC with an iPhone, or someone using a MacBook Pro with an Android smartphone--at least not yet. It's a good solution, but an Apple-centric one.