slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Password Managers PowerPoint Presentation
Download Presentation
Password Managers

Loading in 2 Seconds...

play fullscreen
1 / 24

Password Managers - PowerPoint PPT Presentation


  • 146 Views
  • Uploaded on

Password Managers. What is a Password Manager?. A tool that stores logon names, passwords, PINs other items related to Web and program logons. This data is stored in an encrypted file and is accessed with a "master" password.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Password Managers' - geona


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Password

Managers

what is a password manager
What is a Password Manager?

A tool that stores logon names, passwords, PINs other items related to Web and program logons.

This data is stored in an encrypted file and is accessed with a "master" password.

Program and database can be portable – some can be run from a USB flash disk or CD.

what do they do
What do they do?

Create an encrypted database file to hold the logons and passwords.

Accept entry of logons/passwords for each web page or program for which you need a logon.

Allow either manual or automated retrieval of logon data.

Logon data can be "auto-typed" into the entry boxes on a web page.

types of password managers
Types of Password Managers

Desk top – installs on hard drive, database on hard drive.

Portable – resides on smart phone, tablet, PDA or flash drive.

Web based – database is stored on the providers server on the web.

Integrated – web browsers that contain the capability of gathering, storing and retrieving logons and passwords.

internet explorer remember passwords
Internet Explorer: Remember Passwords

Open Internet Explorer.

Open the Internet Options screen.

Select the Content tab.

In the AutoComplete section, click the Settings button.

Check the boxes for "User names and passwords on forms" and "Ask me before saving passwords".

Click OK.

Thereafter:

Whenever you enter the same user name on the same web page, the password will automatically be entered into the password box.

If the password is auto-filled into the box and you change it, you will be prompted to save the new one or not.

These passwords are saved in the windows registry files and are NOT SECURE.

firefox remember passwords
Firefox: Remember Passwords

Open FireFox:

Click open the FireFox menu, upper left.

Click Options, right column.

OR

Click on Tools from the menu bar.

Click on Options.

Select Security tab.

Under Passwords.

Check "Remember passwords for sites".

Check "Use a master password".

Enter a master password for the file (twice), click OK.

firefox remember passwords1
Firefox: Remember Passwords

Thereafter:

When you open a web page that requires a logon and password:

If you have previously saved these, they will automatically be entered into the appropriate fields, and you will be logged on.

If you have not previous saved these, you will be prompted to do so. You will be required to enter the "master password" you entered when you created the database file.

firefox remember passwords2
Firefox: Remember Passwords

To change your master password, click on the "Change Master Password..." button.

Enter the current password.

Enter the new password (twice).

Click OK.

If, while adding a password, you selected "Never Remember Password for This Site", that site will be listed when you click "Exceptions..." button.

You can remove these from that list.

firefox remember passwords3
Firefox: Remember Passwords

To disable saving of passwords, in Firefox, navigate to the Options/Security screen as before.

"Remove All" from both the Exceptions... and Saved Passwords... screens.

Uncheck "Remember passwords for sites". You will not be asked to save passwords again.

free password managers
Free Password Managers

Examples of recommended free password managers:

LastPass LastPass Corp. https://lastpass.com/

LockCrypt open source http://www.lockcrypt.com/

1Password AgileBits https://agilebits.com/

Password Safe open source http://passwordsafe.sourceforge.net/

My favorite:

KeePass open source http://keepass.info/

passwords
Passwords

Some references on how to choose safe passwords:

http://www.microsoft.com/security/online-privacy/passwords-create.aspx

http://www.aarp.org/technology/how-to-guides/info-03-2011/create-strong-passwords.html

http://www.thegeekstuff.com/2008/06/the-ultimate-guide-for-creating-strong-passwords/

Length

Complexity

Add UPPER CASE, numbers, special characters

Character replacement – Leet (for elite):

The following table shows possible substitution characters that “look” like the letters they are to replace. Any, or none, of these can be used, but it's probably better to be consistent with which characters you use.

Those in red in the table are more obvious.

lastpass

Download and install LastPass on your computer.

https://lastpass.com/

Create an account and enter a master password.

This password is not transmitted to the LastPass web site, it is used to encrypt the transmissions to/from LastPass. LastPass DOES NOT KNOW YOUR PASSWORD. You must keep it.

LastPass looks for saved passwords on your system and allows you to select (or de-select) them for inclusion in the encryption.

LastPass puts an icon on your browser showing if you are logged on or not.

LastPass
lastpass1

If you are logged on, when you enter a logon/password to a web page, LastPass will prompt you to save it or not.

If you have saved the logon/password, whenever you open that page again, the logon name and password will be filled in.

You may elect to have LastPass "auto-logon" whenever you go to that page.

Additional features:

Password generation.

Import/export from/to other password managers.

LastPass
keepass
KeePass

To install KeePass:

Open the web page: http://keepass.info/download.html

To install on your Windows machine:

Click on the first link on the right column (KeePass 2.nn (Installer EXE for Windows)).

Download and install program.

To load the stand alone version that can be run from a USB flash drive or CD:

Click on the second link on right column (Portable KeePass 2.nn (ZIP Package)).

Download and unZIP files to appropriate location.

keepass1
KeePass

Run KeePass for the first time:

Click OK on the "...file could not be found" message.

Blank KeePass screen comes up.

Click File/New.

Name and locate new KeePass database file.

Master Key.

Enter Master password (twice).

keepass2
KeePass

Master Key: (cont.)

Check Key file.

Click "Create" button:

Name/locate key file. Same name and location as KeePass database file (that's the default).

Left pane – move cursor around box until bits = 256.

Right pane – fill with random characters.

Click OK.

DON'T use Windows user account.

Click OK.

Database Settings.

Let's accept the defaults for now.

Click OK.

keepass3
KeePass

Select category.

Select Edit/Add Entry...

Title – your name for the web site.

User name –logon user name or email.

Password – password you will use.

Enter the existing password for the logon or use:

Add entries:

Password generator to create a new one:

Select length.

Select characters.

Advanced options.

Preview samples.

Click OK.

Check Quality.

keepass4
KeePass

Add entries: (cont.)

URL – copy URL of web page that has logon.

Note – additional info: questions/answers, PINs.

Click OK.

keepass5
KeePass

To use KeePass:

Drag and Drop process:

Open KeePass.

Select an entry.

Double click on URL field in that entry – web site will open.

Drag User Name and Password to appropriate boxes.

Press <Enter>or click the logon button.

If there are additional prompts/questions, find their answers in the Notes section of the KeePass item.

keepass6
KeePass

Auto type process:

Open KeePass.

Select an entry:

Double click on URL field in that entry – web site will open.

Press: <Crtl><Alt>A.

This should fill the logon name and password fields and enter a <Enter>.

If it does not auto-fill:

Check to see that the cursor is positioned on the Logon name If not, put it there.

Check that words in the Title are contained inthe URL.

Check to see that there are any other fields/pages involved in the logon process of that site. If so, try to build auto-type sequence that will work.

keepass7
KeePass

Maintenance

Move to new location – portable installation only:

Move or copy all the files in the KeePass directory to the new location.

You can keep the two databases synchronized by using:

File / Synchronize... / Synchronize with file... and selecting the destination file to synchronize to. That is, data in the currently open file will be copied to and overwrite data in the destination file.

Synchronization will allow you to run your primary KeePass database on your computer and have a portable copy on a flash drive to which you synchronize periodically.

keepass8
KeePass

Backups

Regularly backup the database and key files:

xxx.kdbx (or possibly xxx.kbd for older versions).

xxx.key (if you have created a key file when entering the master password).

By default these will be located:

For installed version of KeePass:

C:\Users\{username}\AppData\Local\KeePass

For portable (not-installed) versions:

In the same directory where KeePass was unZipped.