GCN LAB REVIEWS
Make your passwords hard to crack, easy to use
- By Greg Crowe
- Feb 28, 2012
The conflicting forces of the need to keep passwords secure and the desire to make them easy to remember have been at war since we’ve had computers. As we become connected to more and more online sites, the temptation to just use a single password for everything becomes tempting, even though we all know that is the most unsafe thing we could do. If a hacker gets one of your passwords, they get everything you are connected into, which could be disastrous.
Most browsers have an auto-complete function that will remember passwords and other form data for you. However, they only work on the computers on which you have already entered the data, so if you change computers you do have to remember them all over again. And they tend to forget passwords when you do things like clear your cookies or allow a certain amount of time to pass.
RoboForm Everywhere solves the difficulties of having to remember every single password while keeping them securely stored in one place. This way your passwords and other data can be accessed from any computer.
Pros: Works on any computer; most processes fairly automatic.
Cons: Client download is needed on each computer used.
Ease of Use: A-
Price: $10 for first year, $20/year thereafter
The 25 worst passwords of 2011
One more reasons passwords are no darn good
We found the setup of RoboForm easy to figure out. We just downloaded the client from the RoboForm website and installed it on our test computer. When prompted, we created the Master Password we would need for all uses of the software. Since this is the one password we would have to remember while using RoboForm, we made sure it was a good compromise between difficult to crack and easy to remember.
Once RoboForm was up and running, a toolbar showed up in our browser window. This gave us access to the RoboForm menu as well as a visible reminder that it was active. There was also an icon in the taskbar at the bottom of the screen that we could use to access RoboForm when a browser was not open.
Whenever we went to a website and logged in with a username and password, RoboForm would ask if we wanted to save this information. While this is something we’ve come to expect from the browser, there were marked differences with what RoboForm did with the information.
From that point on, this login (or "passcard" as RoboForm calls it) will show up in a drop-down menu on the toolbar. When we clicked a login that we weren’t already connected to, RoboForm would immediately open a new tab in the browser (or open the browser if it wasn’t already), go to that login’s URL, and log in automatically. We were pleased with this step above simply auto-completing the login form.
In addition to keeping password information, we discovered that RoboForm will also help you create an "identity" containing typical information often requested in non-password Web forms. We typed in data items such as name, address and phone number, and the next time we went to a form that was asking for that information, we clicked the "Fill Form" button on the toolbar and RoboForm filled it out with the information it had stored. It did a pretty good job figuring out which fields required which information and left blank fields for which it had no information. We could even have RoboForm fill out specific fields in the form by selecting them before pushing the button.
RoboForm will also keep this information organized when there are two different instances of the same kind of information. When we put in two addresses, for example, a submenu appeared and asked us which address we wanted to use. RoboForm handled this very smartly and never manages to get tripped up and put the wrong information in the wrong field.
Since RoboForm has made it so you only need to remember one master password, it might be a good idea to make your other passwords harder to crack. To help with this, RoboForm has a random password generator that will produce a string of uppercase and lowercase letters, numbers and special characters of a certain length as directed. The resulting password can then be copied and pasted into the form field.
RoboForm also has a SafeNotes tool that allows you to keep data that won’t appear in a Web form which you still might need to remember. Customer support telephone numbers, IP addresses and ATM PINs can be kept safe and accessible within the RoboForm program.
The only disadvantage we found with RoboForm was the fact that it needed to be downloaded and installed on every computer where you would use this information. But that is not a hassle when you consider how much effort you can save by not having to reset passwords every time they are forgotten.
Siber Systems is selling RoboForm Everywhere for $10 for the first year and $20 per year after that. While being on the hook for an annual fee might rub some people the wrong way, for others it’s probably a worthwhile expense. For those who only ever use their logins on one computer, Siber Systems does sell a desktop version for a one-time price, too.
RoboForm is a good way to get passwords to be as easy-to-remember as users want, and as hard-to-crack as network administrators need.
Siber Systems, www.roboform.com
Greg Crowe is a former GCN staff writer who covered mobile technology.