APP OF THE DAY: aWallet Password Manager
This is the week that your password was stolen. But if, somehow, you aren't a member of either LinkedIn, LastFM or eHarmony then you might be in luck, and you might not have had your security compromised on one or more sites.
The problem with passwords is, there are too many of them. Think about what in your life is now password protected. Your phone has a PIN or unlock pattern, your bank cards have a PIN and your online banking has a unique ID number, passcode and long password. Every website and forum needs one too, and the rules mean they can be complex to remember.
aWallet Password Manager
- Google Play
aWallet Password Manager can help though, but there are, as always, some caveats.
The app works by asking you for a "master" password. For security, this should be long and impossible to guess, especially if you're going to store banking passwords in here. Current thinking is to abandon the perceived security of letters and numbers. Far better to avoid dictionary words as much as possible, or to string a lot of them together. Oh, and us3ing numb3r5 instead of l3tters isn't any more secure than not using numbers. The hackers are wise to this. For amusing claification of this, check out this XKCD.
Once you've set up your master password, you can save anything you want - pretty much - into aWallet. You can divide things into separate groups. For example, there are areas for credit card numbers, bank logins and websites.
The big advantage of using an app like this is that it can help you remember much more complex passwords than before, but also - and crucially - a DIFFERENT password for every website or service. This means, if one gets hacked, you aren't going to give someone access to every service you use.
You can also backup passwords to a CSV file on the SD card, for transfer off, elsewhere. We think it goes without saying, you'll need to be very careful about doing this. Leaving a file on the SD card is a huge risk, but so - in theory - is deleting it without using a secure delete program.
But, for our money, the best feature of all is that this app has no access to the internet on your device. You'll see this when you install, and that means that there's no possible nefarious uploading of your password data elsewhere. This is one of very few apps that doesn't ask for internet access, and it's the reason we've selected it out of the many possibilities.
To keep your passwords safe, the app will lock after a short period of inactivity. Which means, even if you were logged in to it and your phone got stolen, the thief would probably not be fast enough to see your password data. The app can also be programmed to delete all your data - including backups - if someone tries to enter the wrong password several times, the number is defined by you via the settings.
We very much like aWallet, but there are a lot of things to consider here. First, if you lose your phone, and you've got complex passwords for everything, that you can't remember, then you're going to have to do a lot of password resetting. Second, if someone guesses your master password, then they'll have access to everything.
So what you store will need some careful consideration, but that's really up to you, and how comfortable you feel with the app. You could add some security by using misleading category names within the app, so people never really know what details they're looking at, if they get access.