Gathan Beaga

password safe

How many computer passwords do you have?

I’ve got around 180 or so: websites; email addresses; admin passwords for various databases, web spaces, domain names; passwords for work; passwords for the computers I use; passwords for the various applications on them.

Of course, you need another application to help you with these. Something that takes a single master password and gives you the full list. There are lots of these, but the one with, IMO, the best pedigree and a not too shabby feature-set, is Password Safe.

It was originally written by renowned cryptographer Bruce Schneier, and then handed on to a group of developers for continual development as an open-source project. I feel happier about the security of the application compared to similar apps that might be closed source (and therefore not subject to review) or created by crypto amateurs.

Other good things:

  • import / export features, meaning that you can get your data into and out of the application relatively easily.
  • other applications support the same files, meaning that if the open-source project developing Password Safe ever failed, there are other applications that could be used on the file you’d created with Password Safe.
  • it’s free.

So on my work (Windows) machines, I can use Password Safe. On my Macs, I can use another app (also free) that reads and writes the same file format, Password Gorilla. Using Password Gorilla is a little more complicated (the Mac app for download on their site would not unzip for me) – but on MacOS 10.41 you can download this file and run a command in Terminal to start it:

MacBook:~ alan$ wish gorilla-1.4.kit

Password Gorilla on the Mac

And off we go.

Previously I had all my passwords in an “password protected” Excel spreadsheet, having stopped using HandySafe at the same time I stopped using my P900 phone. Not so good.

Now I have a much more secure system. And I can edit the password file at work, and then take the file home to use on my MacBook there.

And maybe one day it will run on my phone too. Then I could have my passwords anywhere, anytime, at any computer.

Well, it gets me excited, anyway.

1 Password Gorilla uses Tcl/Tk, a cross platform way to build user interfaces for applications. On MacOS 10.4 the various applications and libraries required to support Password Goriila’s use of Tcl/Tk are already installed. It’s definitely better following this route on Intel Macs as then you’ll get a Universal – and much faster – build of Tcl/Tk.