• Jim Dayman

    Great article Dave. I am very uncomfortable with storing all of my passwords on the internet so I use a locally encrypted database using a free program called KeePass Password Safe. It’s free and open source – no hidden code. Here is the website:

    http://keepass.info/

  • I totally understand keeping it “offline”. LastPass comes highly recommended from numerous sources like cnet, pcworld, network world, etc. They offer no means of password recovery for security reasons. You can provide a hint but it will not get your password back. It literally is a hint to remind you of your password. 🙂 So in this way it’s more secure than most accounts that have recovery procedures. But of course that means you lose all your info if you don’t remember your password. Shame on you! 🙂 I like using a service like LastPass because I like all of my data to follow me wherever I go and whatever device I use, including my secure data. 🙂

  • BTW, even if you use an offline method of storing your usernames and passwords (like KeePass) you could still put it’s encrypted database in a TrueCrypt volume and have it sync to a service like Dropbox to have near universal access to it. Obviously Dropbox could still be compromised but you have 3 layers of encryption to break through (Dropbox, TrueCrypt, KeePass). I say near universal because it may still be a problem accessing this on a mobile device since I don’t think there is any truecrypt app for mobile devices. Don’t know about Keepass.