The document discusses challenges with managing multiple passwords and potential solutions. Too many passwords can discourage technology use due to difficulty tracking and organizing them. Solutions proposed include password management software that securely stores login credentials across devices, generates strong passwords, and simplifies accessing accounts. LastPass and KeePass are highlighted as popular open-source options for generating, storing, and syncing passwords conveniently while maintaining security.

1. Challenges and Solutions
Jim Behnke and Jose DeLeon

2. …when does too many passwords
become a hindrance to instructors?

3.  Student records?
 Financial information?
 Photos of family / friends?
 Instructional materials?
 Research / doctoral thesis?
 Confidential survey data?
 Given that user names and passwords are
the norm…
 Why do people use weak passwords, or no
passwords at all, by preference?

4.  Too many passwords
 May prevent or discourage use of technology
 Difficult to track and organize efficiently
 Differing password complexity requirements

5.  Creating quality passwords
 Password Recall
 Password uniqueness
 MultifactorAuthentication
 Secure storage
 Portability (ability to access on multiple
computers / devices)

6.  Mixed Case
 Alphanumeric
 SpecialCharacters
 (!@#$%^&*()_+/*-+
 Unambiguous characters
 Il
 Password Length
 94x possibilities ( Z^U5yCeQ7k )
Hint: its not that easy!

7.  Memory (unreliable, impractical esp. with
decent passwords)
 Written Down (insecure)
 Stored in a plain text file (still insecure)
 Store in specialized Password Management
Software

8. http://keepass.info http://lastpass.com

9. Open-source password management database
James Behnke

10.  Database for secure
storage of user
accounts and
passwords
 FREE, “open-
source”
 Cross-platform

12.  DEMO SUMMARY:
 Stores data needed to accessWeb-based
applications
 Tools for securely generating and evaluating
passwords
 Makes using passwords convenient
 Encrypted data files

13.  What happens if someone steals your database
file?

14.  Wikipedia definition: “encryption”
“In cryptography, encryption is the process of
transforming information (referred to as
plaintext) using an algorithm (called cipher) to
make it unreadable to anyone except those
possessing special knowledge, usually
referred to as a key.”
http://en.wikipedia.org/wiki/Encryption

15. DO NOT LOOSEYOUR PASSWORD OR KEY FILE!

16.  Problem: How do I carry my
password database from
device to device?

17.  USB Flash Drives (for data files)
 MyFilesw/ “Xythos Drive” or OSX
 “DropBox” (www.dropbox.com) or
similar “data synchronization” service
 “Portable apps” (DEMO)
(http://portableapps.com/) or similar
application

19. KeyPass Pros KeyPass Cons
•Relatively easy to use
•Free
•Cross-platform inc. mobile
options
•Relatively secure
•Widespread use, many
“plugins”
•e.g. synchronize databases
between computers, automatically
enter information instead of copying
and pasting
•Currently, requires additional
effort / knowhow to make it
portable
•”Plugins” must be sought
out, installed, and toyed with

20.  Browser Based
 IE, Chrome, Safari, Firefox
 Portable
 Iphone, BlackBerry, Windows Phone, Symbian, Android
 USB Flash Drive
 Cloud
 Security
 SSL encryption on all traffic to Last Pass servers
 Database encrypted/decrypted at the client side with 256-bit
AES before transmission to servers
 Master password stored on servers as a hash.
 Screen Keyboard
 Phishing Protection

21.  Multifactor Authentication
 OTP – (OneTime Passwords)
 YUBIKEY – token based authentication
 Usability
 One Master Password
 Automatic Form Filling
 One Click Login
 SynchronizedAcross Browsers
 Securely Share Login Credentials
 Automatic Backup
 Password Generator

22.  Firefox 4 Beta:
 New Firefox provides service to synchronize
passwords between computers (.MP4 video)
 Google Chrome: