10 utilities to secure your data

Keeping intruders out of your system is half the challenge; making it impossible to find your valuable data is the other

By Ian Harac, PC World |  Security, utilities

That brings me to Password Safe, another free and open-source tool. Password Safe has an import feature, but it requires that you use its XML or CSV formats, which are not the ones that the most popular password-export plug-ins for Firefox typically use. It claims to support KeePass exports, but I tried both the XML and CSV export formats from KeePass, and neither worked. Password Safe is also less feature-rich than KeePass, and since they're both free, it's hard to give the advantage to Password Safe at this point.

My favorite of the three password-management programs I tested, though, is Sticky Password, which is the only one that costs money (although it does have a 30-day free trial). It has the best browser-integration features, requiring no hoops to jump through and offering support for a wide range of common and obscure browsers. The downside of a commercial program is not just price (which is reasonable, but not cheap, at $30), but risk: Open-source programs have many eyes upon them, looking for exploits and verifying that no backdoors exist. A program in this niche is asking you to put an awful lot of valuable information in one place, and that's a high level of trust when someone is handing you a black box. That said, there's no reason to believe Sticky Password isn't secure and safe; it's up to you to decide what level of paranoia you feel comfortable with.

Password managers and the next category of tools, disk-encryption utilities, share a common strength and flaw: a single point of failure. A password manager has its own master password, of course--and if that becomes known, everything becomes known. Going by the premise that you need to remember only one such password, ever, you can--and should--make a very long and complicated "strong" master password. Don't put it on a sticky note on your monitor, either. If your system is not secured, however, any keylogger or other piece of malware can grab that master password, no matter how cunning it is. Although brute-force attacks are possible if your computer has been physically seized, you're much more likely to face attacks in the form of spyware or social engineering than a supercomputer churning out a million keys a second.

Encryption Reserves Data for Your Eyes Only


Originally published on PC World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness