password securityBasics of Password Security

In this era of Web 2.0, there are tens and sometimes hundreds of websites and forums, where you have to create an account and have a username and password and you want them to be secure also. Two of the basic premises of password security are …

Always use strong passwords: which are 8-14 characters long, do not contain any dictionary word, do not contain any of your personal information like name date of birth etc., are a mix of alphabets, numbers and special characters and have a blend of small and capital letters.

Do not repeat same password at a number of sites.

With so many expectations, it is next to impossible for an average computer user to remember all these passwords without the use of a password manager tool. There are lots of them available, some paid and other on free basis. But it has been observed them because of several reasons; sometime due to lack of knowledge about their availability, sometimes due to complexities of their operations and sometimes due to fear of sharing their passwords with a third party

However there is also another option.

Most of the popular Internet browsers today have password remembering feature. This makes our lives convenient and many people tend to use this facility. But it has an inherent weakness.

Take the case of Firefox.

Firefox has a decent password remembering facility. All passwords are stored within Firefox files. But they can easily be seen by anybody using your computer in your absence with a few clicks. To prevent this, Firefox has a facility called Master Password. Master Password allows you to specify a Master Password, which is needed when you want to see the passwords stored within your browser.

Master Password also has the facility to automatically logoff through its timeout feature, which disallows access to passwords after a default value of 300 seconds / 5 minutes. That is, if your browser is inactive for a period of 5 minutes, your firefox assumes that you are away from your computer and logs you out of the master password. You have to login again to use your stored passwords.

But what about the case when you are just leaving your computer for a couple of minutes. Is a period of two minutes is not enough for your spying colleague to come at your desk, click a few times and get access to your stored passwords. I do not find there any option, which allows you to logout of your master password, whenever you want.

How to Logout from Firefox Master Password After Timeout

master password timeoutThat’s where the role of a useful Firefox Security Addon come into play. Firefox Master Password Timeout locks the master security device after a predefined period of inactivity to prevent unauthorized use of saved passwords. You can easily change the default value from 300 seconds to anything you want.

This important firefox security addon also allows you to logout from master password with your right click contextual menu.

Caution: There are user complaints that it wipes out all your saved passwords on install and uninstall. Please take it into consideration before downloading, installing and using Master Password Timeout Firefox Extension. The extension is available for Firefox 3.5 also although the firefox website says that it has not been updated after June 14, 2008.

[Download Master Password Timeout]