Wednesday, March 11, 2009

Using Password Safe with Dropbox

If you're keeping score with The Ballad Recommends, I recently put up a brief recommendation on Dropbox. Dropbox can be thought of as a flash drive in the cloud of the Internet, with files available to you from any computer you have the client installed on. I also mentioned how I keep my Password Safe database in Dropbox now, so I no longer have to truck around a physical USB drive (just Dropbox it!). With all that, I decided it might be a good idea to make a tutorial of sorts for people out there who might be interested in either of these technologies (and in this day and age of ID theft and bad behavior on the Internet, you should be interested in Password Safe) but might have some trouble getting started. That's where this post comes in.

First of all, go read The Ballad Recommends, specifically the entries on Password Safe and Dropbox. I have a few things to say there that I won't repeat here. Go on, I'll wait.

Next, grab both installers from the links in the title of this post. I'll be writing these instructions from a Windows XP perspective, but running both of these tools on Vista is basically identical. If you want to try this on Linux, you probably don't need my help in the first place. If you use Mac OS X, sorry, you're on your own there.

You should have both installers downloaded, something like this:



We'll start with installing Password Safe, getting a bit familiar with the program, and then work on the Dropbox portion. Go ahead and double click the installer "pwsafe-3.16" to get started.

Select your language:



Agree to do whatever the software makers say:



Now it gets interesting. I've used Password Safe for several years, and I've never used any install method except the "Green" one. Basically the Green install puts everything Password Safe needs into a single folder which you then run the program from. It's considered a "portable" installation because you could use it on something like a USB drive (which like I've said I have done for a long time, until Dropbox) or if you just don't want to tie it to one computer (which I never have). In our experiment here, we obviously will be using the Green install because there's no reason to tie it to the specific computer. I like this method anyway as it acts like a throwback to the days when programs were just installed to one place on the computer and that was it; delete the folder, delete the program (yeah I know, kinda like a Mac, but I just can't use those fussy machines myself).

Anyway, pick the Green install and we're off:



I would recommend the following settings for the Green install (you are welcome to start the program automatically, but we can do this later anyway):



Next you'll select where to install Password Safe. Hit the Browse button:



Installing the program somewhere like My Documents is fine, and actually where I recommend. Just pick somewhere where you'll know where it is. Once you've picked a spot, hit Make New Folder:



Name it something useful like, I don't know, the name of the program. I'll usually throw the version number in there as they update PSafe fairly frequently and I often will try out a new version while keeping the old one handy (another advantage of the Green install). Then hit OK:



You should end up with something like this for the path (obviously without the username censoring there). Bang on Install and let's get to it:



PSafe installs in a flash. Hit Close when it's done:



Now we'll bounce over to the path where we installed PSafe (in this example, under My Documents):



Jump on in. There's not much in here yet, but I will point out the actual application you are running. If you installed a shortcut to this app, this is the program you are linked to:



We'll be digging in to more of this in a bit, but let's minimize the window for now and hit up our desktop. There should be a shortcut for Password Safe on here (also one in the Start Menu if you're keeping score):



Go ahead and bang on this shortcut and it'll start up PSafe for the first time. You'll get a happy launch screen with not much in it. We're assuming you don't have a PSafe database yet, so click New Database and I'll quickly run through making a new password database:



For now you can save this database anywhere (again, just know where that is). For now I would select the same folder you installed PSafe to, just to keep things tidy. We'll be moving this database anyway once we get Dropbox up and running. I would also name it something fairly useful (not like "pwsafe") so you know what you're getting into. I run all my passwords out of one database, so I'm assuming you'll do the same here (but you could create more than one). Name the database, then hit Open:



Now comes the serious business. One Password to Rule Them All. I can't stress enough the importance of two points here: 1) Come up with a good, solid password (some basic good guidelines are here and here) and 2) Don't forget what it is!!! This second point should be obvious, but understand something about Password Safe: you lose the master password, you lose it all. So it's a bit of a catch-22: you want a good, strong password that only you will know, but you don't want it so obfuscatingly bizarre that you'll never remember it (and thus do something stupid, like write it down). It's a bit of a conundrum, so if you spend most of your day on this one little section of creating the best One Password to Rule Them All that you can, great! It really is the most important part of all of this. Once you have your One Password, type it twice (whenever I need to make up new passwords, I actually practice in a word processor to make sure I'll be able to do it with my eyes closed, which is basically what those darn asterisks do) and then hit OK, solidifying your One Password to the bits and bytes of your database forever:



Finally, we have an empty PSafe database. This is where the magic happens.



Like I've said before, Password Safe is an open source application. This makes it very useful and stable, but not terribly person-friendly. I'll go through the Options menu and give you a rundown of what choices I think you should select (at a minimum), but after all of this I urge you to read through the Help documentation included in the program. The background on how all of it works will help tremendously in your day-to-day use of Password Safe. So, to start off, click Manage and then Options, and we're presented with lots of them:



This first screen is backup options. I would suggest leaving them as is, as this will automatically set up incremental backups of your database as you make changes and such. Should a catastrophe happen and you need an old backup, these options will give you a good starting point. Pick Display next:



Again, not much to change here. Feel free to play around with these later, but for now you probably won't even know what any of it means (until you've used the program extensively and have read the documentation). Pick Misc. next:



Here you can change one or two things. I prefer to use Autotype as my default double click action when it comes to PSafe; basically this lets you put your cursor in the username field of a login page, then double click the entry in Password Safe and it will fill it in for you. Once you get used to this, you won't ever want to type a username or password in again (which is a major point of PSafe anyway). You can also set your default username here, which just means for every new entry you create, PSafe will assume this is the username (which you can of course change on an entry-by-entry basis). You don't need to do this, but it may save some typing when creating your entries in PSafe. Hit the Password Policy tab next:



This is another important section of Password Safe. This is your default policy for creating passwords. I like to choose a longer length (like 16 characters) and make sure there is at least one of every type of character. You can fiddle with this if you like, but this is just your default policy. For each entry, you can selectively change the policy to generate a password, which is handy if certain sites you use require different password policies. Click Password History next:



I would also suggest you set this history setting to something. By saving password histories per entry, you can save yourself some grief if you change the password to a site and somehow lose it along the way (it's very possible and sometimes easy to overwrite a password in an entry in PSafe; history lets you get those back). You want to select "Start saving previous passwords" so that new entries you create will have this option. Hit Apply, then head on over to the Security tab:



I would recommend at least these settings. We aren't going to make any changes to the System tab (but you can look at that if you want), so click OK in the Options window and we're ready to start making entries. From the main PSafe window, click Edit and then Add Group:



Name it something, then pick Add New Entry from the main toolbar:



Now we're into the nitty gritty of Password Safe. This is an entry for a username and password that you want to store (example, your online banking login). Understand that the Groups are only for your benefit; I have over 90 entries in my current PSafe database, so it helps to have those entries broken down into categories for easier navigation. Get in the habit of starting with Groups and you can make your database clean and easy to navigate from the start. Let's break down each section of the Entry page:

Group: We covered this in the above paragraph.

Title: The name of your entry.

Username: The actual username for the login you want to store.

Password: Obviously. You don't have to fill this in, that's where Generate comes in.

Notes: Anything about the entry you want to store in addition (obnoxious security questions, anyone?).

URL: This can be anything, but most helpful is putting in the actual URL of the login page for the particular entry.

Autotype: You don't need to change this unless the default Autotype doesn't work (see Help).

Generate is where the goods are at. When you click this button, it auto-generates a password based on the policy you set in the Options menu. So, our default password policy was 16 characters long with everything (uppercase/lowercase letters, numbers, special characters). That's what we'll get when we hit Generate. Know that PSafe won't actually save or use that password in the entry until you hit OK. It should be obvious, but Show will let you see the random password it generated so you can marvel at its totally brilliant obfuscation. So what happens when you're creating an entry that doesn't accept your password that uses your default policy? That's where Override Policy comes in. Select this box and you get a window similar to the Password Policy tab of the Options menu:



Here you can tweak the length of the password, what kind of characters it uses, and even select the dummy "hexadecimal digits only" option at the bottom. The Override Policy button is very useful for making secure passwords even on sites that don't seem to care about security; one of my peeves is a site that says "no special characters" in their passwords. Fine, how about I throw a 32 character hexadecimal password at you? This option is again incredibly useful to solve any website's poor password policy but still let you use a strong, randomly generated password.
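To put numbers on the default policy and the overrides discussed above, here is an added example (not Password Safe's own code) that generates passwords under the same kinds of policy and compares their entropy upper bounds. The symbol set is Python's `string.punctuation`, which is an assumption and not Password Safe's exact symbol list.

```python
import math
import secrets
import string

# Character classes matching the policy checkboxes described in the post.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,  # assumption: not Password Safe's exact symbol list
}
HEX = "0123456789abcdef"


def generate(length=16, classes=tuple(CLASSES), hex_only=False):
    """Return a random password that satisfies the policy, using the OS CSPRNG."""
    if hex_only:
        return "".join(secrets.choice(HEX) for _ in range(length))
    if length < len(classes):
        raise ValueError("length is too short to include every selected class")
    alphabet = "".join(CLASSES[c] for c in classes)
    while True:
        # Rejection sampling: draw uniformly and retry until every class appears,
        # rather than pinning one character per class to a predictable slot.
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(ch in CLASSES[c] for ch in pw) for c in classes):
            return pw


def entropy_bits(length, alphabet_size):
    """Upper bound on entropy in bits: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def compare_policies():
    """Entropy upper bounds for the default policy and two overrides."""
    full = sum(len(chars) for chars in CLASSES.values())  # 94 characters
    return {
        "default_16_all_classes": round(entropy_bits(16, full), 1),
        "override_16_no_symbols": round(entropy_bits(16, 62), 1),
        "override_32_hex": round(entropy_bits(32, len(HEX)), 1),
    }


if __name__ == "__main__":
    print(generate())                    # default policy from the post
    print(generate(32, hex_only=True))   # the 32-character hex override
    print(compare_policies())
```

A 32-character hex password carries 128 bits, more than the roughly 105 bits of the 16-character default, while simply dropping symbols at 16 characters falls to about 95 bits. Doubling the length more than makes up for the smaller alphabet.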

So once you've made an entry, hit OK and it's in your database now. This is where the fun begins. Now you've got the fun job of tracking down all those logins you use across the World Wide Web and turning them into Password Safe entries. Where to start? Well, for me it was obviously email, then banking and major purchase sites (like Amazon), followed by online forums and memberships. This can take a while, but it becomes well worth it once you realize the power and convenience of Password Safe. Usually the way to track these logins down and get them into PSafe goes something like this:
  1. Log in to the site (say, www.hotmail.com) and figure out how to change your password.
  2. Create a new entry in PSafe (perhaps under a group titled Email?), punch in your Hotmail username, and generate a password based on whatever policy you can get to work. (Sometimes this takes some trial and error.)
  3. Make this change to your account online (copy and paste works great, and is a fundamental tool in using Password Safe).
  4. Save the entry in PSafe, then log out of the website.
  5. Use the new PSafe entry to test the login again.
OK, five steps make it sound not so bad, and it's really not. It just takes a long time. You kind of have to prioritize what sites you use most and which ones should be in Password Safe first. As you troll the interwebs in the weeks to come, you'll probably come across more sites you want to store entries for in PSafe. Eventually it turns into a little game, and you'll soon love being able to create a new account on some random website just because you get to throw some nonsense password at it from PSafe that you'll never have to remember (just copy/pasta!). I used to hate having to make a "new account" for anything online, but nowadays with Password Safe I love it! And so can you!

Jump back into that window you left open that has the contents of your PSafe install. I pointed out the actual application a little while back, but I do want to point your attention to a few other things:



The .psafe3 file is your actual database file itself. Hopefully you named it something more useful than "pwsafe" (I told you not to) as this is the file we become most concerned with. Not only for this tutorial and using it with Dropbox, but also just in general. Once you get into PSafe and become dependent on it (like me) this file should be copiously backed up and put in multiple places for safe keeping. Don't worry, the encryption scheme on a PSafe database is absurd enough that as long as your One Password is good enough, you can feel confident that your information is being kept securely in this file.



This .cfg file is your config for Password Safe. All that stuff we did with the Options menu? It's all in here, so if you ever move computers or need to reinstall Password Safe somewhere else, save yourself a step and snag this file (it isn't installed by default, cause it's only made once you make changes to your database options). This is helpful if you're upgrading to a new version of PSafe (using the Green install, of course) and don't want to troll through the Options menu again. Handy.

All right, in the interest of preventing this from becoming the longest blog post ever, I'm going to saddle up here and ride off into the sunset with promises of tomorrow being Dropbox day. So far this post has really just introduced you to Password Safe, but some more interesting ditties will come out of it once we get into Dropbox. Remember where you store your Password Safe database for now as we'll be coming back to it tomorrow.

Until then!

To be concluded...
