Basics of Password Security
In this era of Web 2.0, there are tens and sometimes hundreds of websites and forums, where you have to create an account and have a username and password and you want them to be secure also. Two of the basic premises of password security are …
Always use strong passwords: which are 8-14 characters long, do not contain any dictionary word, do not contain any of your personal information like name date of birth etc., are a mix of alphabets, numbers and special characters and have a blend of small and capital letters.
Do not repeat same password at a number of sites.
With so many expectations, it is next to impossible for an average computer user to remember all these passwords without the use of a password manager tool. There are lots of them available, some paid and other on free basis. But it has been observed them because of several reasons; sometime due to lack of knowledge about their availability, sometimes due to complexities of their operations and sometimes due to fear of sharing their passwords with a third party
However there is also another option.
Most of the popular Internet browsers today have password remembering feature. This makes our lives convenient and many people tend to use this facility. But it has an inherent weakness.
Take the case of Firefox.
Firefox has a decent password remembering facility. All passwords are stored within Firefox files. But they can easily be seen by anybody using your computer in your absence with a few clicks. To prevent this, Firefox has a facility called Master Password. Master Password allows you to specify a Master Password, which is needed when you want to see the passwords stored within your browser.
Master Password also has the facility to automatically logoff through its timeout feature, which disallows access to passwords after a default value of 300 seconds / 5 minutes. That is, if your browser is inactive for a period of 5 minutes, your firefox assumes that you are away from your computer and logs you out of the master password. You have to login again to use your stored passwords.
But what about the case when you are just leaving your computer for a couple of minutes. Is a period of two minutes is not enough for your spying colleague to come at your desk, click a few times and get access to your stored passwords. I do not find there any option, which allows you to logout of your master password, whenever you want.
How to Logout from Firefox Master Password After Timeout
That’s where the role of a useful Firefox Security Addon come into play. Firefox Master Password Timeout locks the master security device after a predefined period of inactivity to prevent unauthorized use of saved passwords. You can easily change the default value from 300 seconds to anything you want.
This important firefox security addon also allows you to logout from master password with your right click contextual menu.
Caution: There are user complaints that it wipes out all your saved passwords on install and uninstall. Please take it into consideration before downloading, installing and using Master Password Timeout Firefox Extension. The extension is available for Firefox 3.5 also although the firefox website says that it has not been updated after June 14, 2008.
July 27th, 2009 at 4:26 am
Very good post about using secure password. Most people still use same password for multiple sites. It’s very dangerous. Aleast use unique passwords for some important sites like bank and email sites.
Choosing unique password is easy. For example, you can choose password like “T@1tt@r” for Twitter. This way you can easily remember it.
July 31st, 2009 at 2:36 pm
a problem when blogwaking
September 24th, 2009 at 2:06 am
Its really nice information. Thanks for sharing this great tip.