Passwords and Hacking (Part 3)
I found one application called Clipperz (http://clipperz.com). Clipperz provides a service to managing your passwords on their server. They all provide a community source version for personal or internal use, and a commercial license for the same. I have installed the community source version on my web server to manage my passwords. That way they are available whenever and wherever I happen to be. I have KeePass installed on my desktop and am slowly migrating to Clipperz. Clipperz will take a bulk import from KeePass and convert it to its own structure. A future blog will report on the overall ease of use of Clipperz.
The main disadvantage of encrypting everything in the browser is that there is no way to recover your information should you loose/forget your login passphrase. Your passphrase needs to be easy enough to remember and correctly type, but complex enough so that no one else can guess it. The system does allow you to change your login passphrase, but you are required to know the current passphrase.
Clipperz stores your login information in an item called a card. The card contains all of the information necessary to access that protected resource. You can add items to the basic list if you need to. Cards for web accounts contain (by default) the URL, username, password, title, and notes section. Once that information is entered and saved, cards are listed alphabetically by title. There is no other organization, unlike KeePass which allows you to organization the entries into password groups. It appears that appropriately titling your cards will work almost as well, but it is more awkward.
Storing your passwords in an online application makes it easier to access from multiple computers, including hand-held (phone or tablet) devices. The basic web password card is not ideal because of the need to remember the password as you copy it from the display in Clipperz to the other site’s login page. Clipperz provides a feature called “Direct login” that makes that process easier. That will be reviewed in a future article.