Saturday, 24 October 2020

Password Safes and Syncing across Multiple Devices & Platforms

I'm not the most prolific blogger, but it occurred to me that my note on Password Safes from quite some time ago needed a refresh, as things have changed.

Managing Passwords


Everything I wrote about managing passwords here is still valid and true.  As things have moved on, I'll call out two things of note: 

  • Use 2FA (two factor authentication) wherever it's available (and remember while authenticator apps and hardware keys are better than SMS, if SMS is all that's available it's still better than nothing) 
  • Making your password safes available on multiple devices is achievable for (almost) free (and that's what this message is about)

Storing online vs locally

I'd written previously about keeping a USB stick in my pocket and using that as need to grab the passwords I need.  That's fine until it isn't: you could lose the the USB stick (no risk to the secrets, but it's a hassle) and it doesn't work on a mobile or cell phone.


With Google Drive, DropBox and others becoming ubiquitous and various syncing tools available, keeping your password safe on a cloud storage service and accessing it on multiple devices just got achievably easy!


Syncing

I'm using Google Drive to store my password safe and I have the Password Safe app installed on the handful of devices I own.

Windows

I use Google Backup & Sync to keep the password safe file synced on my Windows lappies.  Any change I make will appear pretty much immediately back on the cloud and soon enough afterwards on the other devices.

Android

I use Password Safe and Password Safe Sync to get make my password safe available on my Android handset.  It's a little clunky to configure, but when complete it's actually quite smooth.  Password Safe Sync will always keep the correct version available to you and will then open the safe in the Password Safe app for you.  It'll even support your fingerprint reader too.

IOS

I tinkered a bit with StrongBox on AppStore when I used an iPhone more heavily.  It neatly talks to Google Drive and integrates the syncing and password management functionality. It used to be free, but now (as of writing) costs €45 for a licence.  

Checking for Problems

It's a great idea to uses Have I Been Pwned to verify the health and general goodness of your passwords

Disclaimer

This is how I manage my passwords.  I'm not claiming it's fool proof and I accept no liability if you choose to do this.  It's your data & credentials: securing them is your responsibility.  I have no affiliation with the authors or creators of any of the tools I've listed here.


No comments:

Post a Comment