pwSafe Cracks the Safe-Password Problem
The username/password system that has become ubiquitous for accessing online accounts is woefully inadequate. People tend to choose weak passwords that are easy to remember. They use the same passwords for multiple accounts. They rarely change them. All of those behaviors are woefully insecure, but the current system demands too much of the user. pwSafe attempts to bridge the gap, making password management easier and more secure.
03/26/13 5:00 AM PT
pwSafe, or Password Safe compatible Password Manager, is available for US$5.99 at the Mac App Store.
Hardly a day goes by without a data breach making the news or a social media account being hacked. That kind of news can be unsettling to many of us and leave us wondering how we can better protect our online security.
One way to address the problem is to beef up your first line of defense against hackers: the passwords to your online accounts.
In recent times, passwords have been pilloried by security experts as woefully inadequate to protect consumers from the denizens of the computer underworld. That may be so, but passwords are what we have for now, so protecting them should still be a high priority.
Strong Passwords Annoy
Two prime rules for using passwords is make them strong and to refrain from reusing them.
Strong passwords can be a pain, which is why many consumers don't use them. The strongest passwords contain random characters -- they're not just words, but strings that include upper and lower case letters, numbers and symbols. That makes them difficult to remember.
Memory also plays into the reason why people reuse passwords. You may need passwords for scores of accounts -- more passwords than most of us have any desire to remember.
Password managers like pwSafe address both problems. They create strong passwords and they remember them for you.
pwSafe is an economically priced ($5.99) password manager from App 77 Informatica e Servicos, available from the Mac App store.
The software isn't as elaborate as something like RoboForm, but that's exactly why some users may find it appealing.
When you launch pwSafe, it asks you for a password. You'll want to make it a strong password. After all, it will be key to all your other passwords.
At this point, it would have been convenient if pwSafe had offered an option to use its password generator to create a strong password -- but you can change your master password later.
You can also choose to store your logins in either iCloud or on your computer. Storing your information in iCloud will protect it should anything happen to your local copy of the data.
If you're working on a copy of your password data in iCloud, the program will keep nagging you for your master password at an interval you can customize. You can't turn the nagging off, but you can extend it for a long enough period of time that it will cease to be a nag.
After creating a safe for your data, you can start creating logins. Login forms consist of a title, user name, URL, email, notes, and a strong password created by the software.
The app supports all of the Mac's built-in editing features, including spelling and grammar, transformations (lower to upper case, upper to lower and all caps), and Apple speech input.
If you don't like the password created by the program, you can generate a new one by simply clicking the "new" key beside the password box.
Default passwords contain 12 characters and all the quirks security pros like to see in a password. For most people, they're impossible to memorize -- and for most hackers, impossible to crack.
Beside the password box are icons for displaying a history of passwords and for customizing the rules for generating passwords.
It's highly recommended that you change your passwords periodically. As you change your passwords, it's useful to know what passwords you've used in the past, so the history feature in the software is a valuable one.
Changing the Rules
The program also lets you choose how it creates passwords.
You can determine the length of a password, as well as the number of lower- and upper-case letters, digits and symbols. You can also limit the password to hexadecimal or easy-to-read characters, or generate pronounceable passwords.
At the bottom of an entry's form are controls for locking your password safe and toggling the password and note fields between readable and unreadable characters.
There's also a control for taking you to the URL in the form and posting your login information in it.
Although pwSafe uses the cloud to store passwords, it's not per se a cloud password manager, as is something like OneID or RoboForm Everywhere.
An advantage of a cloud-only password manager is that you can access it with any Web browser. Hence, you can access it from almost any device. That's not necessarily the case with a device-based password manager like pwSafe. A manager installed on your MacBook won't help you when you try to log into a site with your iPhone.
Some device-based password managers will sync their content across devices. However, you may have to pay for that convenience by buying a copy of the app for each device you want to access your password data.
Nevertheless, with a device-based password manager, you don't have to worry about not being able to access your passwords when the cloud is down.
If you're looking for a streamlined app for managing your online logins, pwSafe will give that to you, plus a little extra.
Want to Suggest a Mac App for Review?
Is there a Mac app you'd like to suggest for review? Something you think other Mac users would love to know about? Something you find intriguing but are hesitant to buy?
Please send your ideas to me, and I'll consider them for a future Mac app review.
And use the Talkback feature below to add your comments!