Helping people with computers... one answer at a time.
You can save your passwords insecurely... if you want. But it would be better to rely on software designed for the job.
I have an iPad and I was thinking I could keep a list of passwords on a Note page. Is the iPad secure enough to do this?
In this excerpt from Answercast #43, I look at methods of securely saving passwords and recommend applications designed for the job.
My gut reaction is to say no.
In reality, it can be... but what you've described is very, very simple and unfortunately, it's too simple.
You could easily lose your iPad and anybody who then gets a hold of it has this note that contains all of your passwords.
Whether or not that's a problem for you, well, I guess it depends on who finds it and what other information on that iPad may lead them to the accounts for which those passwords apply.
In reality, it can be safe.
The way it becomes safe is if you have your passwords stored in some kind of encrypted repository. In other words, if you have an application that you can use to encrypt the data:
So that if somebody does get a hold of your iPad;
Or somehow the data on your iPad becomes compromised;
The data that contains your passwords is not visible without knowing some kind of master password.
You can do that with an encrypted note. I assume that there are applications on the iPad (and other mobile devices) that will let you take a note (or a file, or a text file, or a document) and encrypt it in some form – that's great.
What I actually recommend you do instead is to get an application that is specifically designed to solve the very problem you're attempting to solve.
In both cases, an actual application is downloaded and installed on your device. That application's job is to maintain your passwords (a list of your passwords; a repository of your passwords) in an encrypted form.
When you use a utility like LastPass or RoboForm, you get the added benefit of automatic synchronization with whatever other devices you might have.
In my case, I have several PCs; I have several laptops; I have my Mac; I have my phone; I have my tablets.
LastPass works on all of them and when I add a password or update a password on any of those devices, it's automatically synchronized securely to all of the others.
LastPass is particularly unique in that it does the encryption and decryption only on the devices; in other words, nothing is ever transmitted that isn't encrypted.
When I change a password on a machine:
It then gets encrypted;
And is then transmitted to the LastPass servers;
And then from those servers on down to my other machines.
It's only decrypted when I provide the correct master password.
So that's my advice.
You can do what you're doing. You do need to take some extra steps.
The extra step that I recommend you take is to actually get an application
that's designed to solve the very problem that you're trying to solve.
Something like LastPass or RoboForm.
Next from Answercast 43 – Could someone set up a Facebook account in my name?
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.