Q. I have a question about an app I downloaded on my iPad and iPhone5: Passwords Plus. You create a long master password that allows you to access the info you store in the app. The info can be anything from bank accounts and credit card account numbers to passwords for various websites.
My question is whether this app and maybe others that are similar are safe.
I have so many passwords that I created an Excel spreadsheet with all of that info, and started entering the data from the spreadsheet into Passwords Plus. Then I started thinking that it may be just as vulnerable as other apps out there.
Patti B., Durham
One important thing to remember about password storage solutions is that safety, as with all things, is relative.
Passwords Plus ($4.99-$9.99), from DataViz, is like several other password management systems on the market in that it specializes in storing and protecting your own database of passwords in the cloud. LastPass (free to $12 a year) and 1Password ($49.99 to $69.99), which Ive discussed here before, are two other popular options.
Cloud storage certainly makes things convenient. Making your information accessible wherever you are on whatever device means youll never lock yourself out of your email as long as you can remember your master password.
But whenever you allow your data to leave your possession, theres always a risk.
That being said, the security behind Passwords Plus makes it relatively safe. The passwords themselves are encrypted before they leave your device using an industry standard technique, meaning everything you store in the cloud is unreadable to anyone but you.
If the idea of stashing your passwords on someone elses server no matter how secure makes you uncomfortable, you should also consider giving Password Safe a try. Its free and open-source, and according to IBM IT Security Architect Jeff Crume, well established among geeks in the know. Like the products Ive already mentioned, it secures your information using a single master password, except everything is stored locally on your own computer.
Any of these solutions, as Crume points out, are probably preferable to using a spreadsheet to keep track of everything.
One thing I can say for sure is that while Excel is a very serviceable spreadsheet it is not a great password vault, Crume said in an email. Thats not surprising since it wasnt designed to be one in the first place.
You are right to be wary, though. With little barrier to entry for distribution centers like Google Play and other online marketplaces, it can be tough to separate the good products from the bad.
Crume says looking for tools with long track records is often a safe bet. Finding tools with large user bases and positive reviews from IT experts can also be helpful.
None of this guarantees 100 percent security. But asking these questions can help you can find your own solution for keeping your passwords safe at least relatively.
In the end, youve got to trust something. Either its your memory, a spreadsheet, a sticky note attached to your monitor (none of which do I recommend) or a purpose-built tool for storing passwords in a secure manner such as those Ive mentioned, Crume said in an email. Choose wisely, because the keys to your own personal kingdom are at stake.
Send technology questions to firstname.lastname@example.org. Please include your name, city and daytime phone number. Sorry, we cant answer every question.