Sticky Password 3.3
.
Good morning everyone!
I'd like to speak a little about password security, which is the subject of today's review.
Hackers, by their very nature want to cause mayhem wherever they can, just because they can. If they succeed on your machine, then who's to blame? Don't blame them ;) it's your own fault for not having good computer and password security set up.
Developer: Lamantine Software
Supported Languages: English/Dutch
System Requirements: Windows 95/98/Me/NT/2000/XP/2003 Server/Vista
Additional Requirements: None.
Tested on: Windows XP Pro.
You will get naysayers, from time to time, who tout the analogy that "it's wrong to keep all your credit cards etc., in the same wallet." But if you think about it, that's exactly what we do, without giving them a second thought, (unless we lose them!) We trust our banks to have the best security set-up, in order to protect our accounts from prying eyes or hackers that would just love the opportunity to transfer money out of your account and into their own.
Likewise, it's your OWN responsibility to choose a strong, effective security set-up in the home or business, so that you can trust and feel secure in the knowledge that all your passwords are stored safely and can't be accessed by the same prying eyes.
I had used Roboform for so many years that I honestly never thought I'd change - until I found 'Sticky Password' many months ago. This is the only password protection software that I not only thought came close to Roboform; but surpassed it with some great features, which will discuss a little later.
I'll probably make a couple of references to RF, in today's review, as I also have a working reference with it, for comparison with Sticky Password.
So, the question of the day is: What can you safely protect with Sticky Password? The answer of course is; anything to which you can apply a password, which means most programs, as well as on-line browser log-ins.
Passwords examples:
So what are considered bad (extremely vulnerable,) passwords?
NEVER USE: Spousal or children's names; or even those of your pet; boyfriend's/girlfriend's names; maiden names; street names etc;
NEVER USE: Words that can be found in the dictionary - this includes foreign words;
NEVER USE: Passwords constructed of only letters or numbers;
NEVER USE: the same word as any of your log-ins, or even an anagram of the same;
NEVER USE: Birthdays/anniversaries/Social Security #s or phone #s;
NEVER USE: Passwords created with double #s or characters;
Some of the worst passwords that I've ever seen are:
PASSWORD/ADMIN/123456/987654/dog's name/Company/Dept., name.
OK, so how do you construct the best passwords?
An extremely well known password expert named George Schaffer, expounds that the longer password is far more effective than the shorter one and not nearly as easy to crack.
The message with Sticky Password, is to create passwords that you'll never have to remember; ensuring that each one is at a very minimum 8 characters long.
You can be very innovative if you try! ;)
Try using the first letters of each word in the last line of your favorite song or poem; e.g., I like the song "Rhiannon" by Fleetwood Mac. The last line of the song is "Dreams unwind; Love's a state of mind." So the resulting password would be: DULASOM. or even MOSALUD (reverse it,) if you really wanted to be safe!
However, you'd need to increase its strength, by adding some other characters:
2Du`Lasom! Here, I've added: a numeral (2) a
flick (`) and an exclamation point (!) making this a somewhat impossible cookie to crack;
Ensure that you always use a combination of lower and upper-case letters WITH numbers PLUS other keyboard characters.
So how do hackers work?
You need to remember that the first two personality traits that come into play with the hacker mind are; deviousness and tenacity. They have patience and will not hesitate to use any of several methods by which to access your files. The three most often used are: social engineering; dictionary attacks and - brute force.
Social engineering: This is usually carried out OFF-line. There are so many examples of this method, that I'm going to refer you to Social Engineering Fundamentals, Part1: Hacker Tactics. Here, you'll be able to find out just how vulnerable you really can be. If you'd like more information on this method, just Google "social engineering," and you'll get all the information you can handle reading.
Dictionary attacks: Probably the first line of attack and extremely useful against people who choose a single word for their password. (The hackers dream user!) Even if the word has absolutely nothing to do with your life, (dog's name etc.,) your password can be cracked as the hacker's very adept software zips through multiple dictionaries to find and match your word.
Brute force: This is probably the one that is best known (but takes the longest time,) and involves using software that begins by trying every possible combination of letters; numerals and keyboard strokes to achieve its end. The software begins with trying every keyboard character, then two key combinations, then three and progresses from there.
User BAD HABITS:
GUI (Graphical user interface:)
The database in my own Sticky Password software, currently holds around 140 log-ins and passwords for me. The GUI is clean and easy to navigate from one purpose to another. I found all functions/set-ups to be intuitive - even for those who have never used such programs before.
There is a column on the left side, that allows you to configure the various functions within the interface. The top section being :
Tasks: You can see all your password accounts with export/import settings and the ability to rescue unprotected passwords from elsewhere. There is also a very efficient search function that allows you to search your database if it becomes really large.
Settings:
You can choose to have a Master password AND your normal password. If anyone does manage to hack into your system, they're not only going to have to figure out each password for each account; but also the Master password that unlocks the normal password. This may seem like overkill to you, but believe me, it won't if you ever find out that you're the target of a hacker.
Some users tend to bypass using the Master password, but I prefer to use it and have that extra layer of password protection. You've probably read my views on which encryption algorithm is best, however it bears repeating again. This program uses AES (aka Rijndael,) which is also the same algorithm used by the U.S. military to keep their Secret Documents safe from those who have no business reading them.
Should you wish to do more reading on this encryption algorithm, Wikipedia would be a great place to start.
There aren't any other settings to configure - which means that you can get up and running almost as soon as you install the software.
Restore:
Interestingly, any new passwords that are created are automatically added to the last back-up that you ran for the program. This section will also show you a log of any back-up changes. A calendar to the left, displays past back-up dates, so that you can see at a glance, the last time a back-up for your passwords was run.
I have tested the restore feature, and I have to say that it does work like a charm. :)
Help File:
Clear; in-depth and efficiently laid out - and best of all, contained within the program, not forcing the user to open a browser, like some software does.
Customer Service:
One person I know received assistance from Lamantine Software within a few hours. When she lost her registration key, they gave it back to her without issue.
Although I've had no reason to use them myself, I have no reason to believe that their customer service regarding other issues, wouldn't be handled just as promptly.
Features:
This software has so many features over other password software, that it really made my choice easy.
Automatic form filler;
Can save a huge amount of working time logging into sites that you visit frequently; (I visit many in the course of a day!)
Doesn't just store the password, but also your username/login information;
Supports Bluetooth authentication to secure database;
Encourages users to choose stronger, safer passwords;
I honestly haven't found any as yet. But as with any review, if I find any subsequent flaws or bugs, I'll add an addendum and credit it to the person who made me aware of such.
Points:
For the amount of functionality; features; strength and peace of mind that this little application can give you, the asking price is an excellent one.
Summary:
Sticky Password is truly efficient software to store all your passwords with absolute safety, both on-line (with browsers,) and OFF-line with other programs that you own, which might also contain sensitive or private information.
It works straight out of the tin and doesn't make any claims or promises that it can't keep. As I mentioned earlier, I swapped from another title to this little software gem and plan to remain with it.
Recommendation:
I do recommend Sticky Password. I've been using it for many months and still haven't found any other software that comes to par with it.
Why not spend a little time shopping at ~ Software by Swan ~
If you enjoy my reviews, please vote for this blog - votes are always appreciated and give more visibility to my clients and their products, which therefore obtains more work for me - thank you! :) Not to mention that it improves your own karma!
Enjoy the gorgeous fall day everyone! :)
~ Swan
All Content is Copyright (c) 2007 Swan-Reviews-Almost-Everything.blogspot.com - All Rights Reserved.
Good morning everyone!I'd like to speak a little about password security, which is the subject of today's review.
Hackers, by their very nature want to cause mayhem wherever they can, just because they can. If they succeed on your machine, then who's to blame? Don't blame them ;) it's your own fault for not having good computer and password security set up.
Developer: Lamantine SoftwareSupported Languages: English/Dutch
System Requirements: Windows 95/98/Me/NT/2000/XP/2003 Server/Vista
Additional Requirements: None.
Tested on: Windows XP Pro.
You will get naysayers, from time to time, who tout the analogy that "it's wrong to keep all your credit cards etc., in the same wallet." But if you think about it, that's exactly what we do, without giving them a second thought, (unless we lose them!) We trust our banks to have the best security set-up, in order to protect our accounts from prying eyes or hackers that would just love the opportunity to transfer money out of your account and into their own.
Likewise, it's your OWN responsibility to choose a strong, effective security set-up in the home or business, so that you can trust and feel secure in the knowledge that all your passwords are stored safely and can't be accessed by the same prying eyes.
I had used Roboform for so many years that I honestly never thought I'd change - until I found 'Sticky Password' many months ago. This is the only password protection software that I not only thought came close to Roboform; but surpassed it with some great features, which will discuss a little later.
I'll probably make a couple of references to RF, in today's review, as I also have a working reference with it, for comparison with Sticky Password.
So, the question of the day is: What can you safely protect with Sticky Password? The answer of course is; anything to which you can apply a password, which means most programs, as well as on-line browser log-ins.
Passwords examples:
- PhotoBucket;
- UPS/Ebay/UTube;
- Grocery shopping/Florists;
- Amazon/Comcast/MarketWatch (shares;)
- Travel arrangements/and hotels/motels;
- Event and movie tickets;
- Wedding/baby registries;
- Bank and PayPal Accounts;
- GI Joe/Cabella purchases;
- Other random internet purchases;
- Forums;
- All my Google; Ad-sense and other advertising accounts;
- Community log-ins;
- Encryption and protection of all sensitive files on your system; including blueprints; floor plans etc.
So what are considered bad (extremely vulnerable,) passwords?
NEVER USE: Spousal or children's names; or even those of your pet; boyfriend's/girlfriend's names; maiden names; street names etc;NEVER USE: Words that can be found in the dictionary - this includes foreign words;
NEVER USE: Passwords constructed of only letters or numbers;
NEVER USE: the same word as any of your log-ins, or even an anagram of the same;
NEVER USE: Birthdays/anniversaries/Social Security #s or phone #s;
NEVER USE: Passwords created with double #s or characters;
Some of the worst passwords that I've ever seen are:
PASSWORD/ADMIN/123456/987654/dog's name/Company/Dept., name.
OK, so how do you construct the best passwords?
An extremely well known password expert named George Schaffer, expounds that the longer password is far more effective than the shorter one and not nearly as easy to crack.
The message with Sticky Password, is to create passwords that you'll never have to remember; ensuring that each one is at a very minimum 8 characters long.
You can be very innovative if you try! ;)
Try using the first letters of each word in the last line of your favorite song or poem; e.g., I like the song "Rhiannon" by Fleetwood Mac. The last line of the song is "Dreams unwind; Love's a state of mind." So the resulting password would be: DULASOM. or even MOSALUD (reverse it,) if you really wanted to be safe!
However, you'd need to increase its strength, by adding some other characters:
2Du`Lasom! Here, I've added: a numeral (2) a
flick (`) and an exclamation point (!) making this a somewhat impossible cookie to crack;Ensure that you always use a combination of lower and upper-case letters WITH numbers PLUS other keyboard characters.
So how do hackers work?
You need to remember that the first two personality traits that come into play with the hacker mind are; deviousness and tenacity. They have patience and will not hesitate to use any of several methods by which to access your files. The three most often used are: social engineering; dictionary attacks and - brute force.
Social engineering: This is usually carried out OFF-line. There are so many examples of this method, that I'm going to refer you to Social Engineering Fundamentals, Part1: Hacker Tactics. Here, you'll be able to find out just how vulnerable you really can be. If you'd like more information on this method, just Google "social engineering," and you'll get all the information you can handle reading.
Dictionary attacks: Probably the first line of attack and extremely useful against people who choose a single word for their password. (The hackers dream user!) Even if the word has absolutely nothing to do with your life, (dog's name etc.,) your password can be cracked as the hacker's very adept software zips through multiple dictionaries to find and match your word.
Brute force: This is probably the one that is best known (but takes the longest time,) and involves using software that begins by trying every possible combination of letters; numerals and keyboard strokes to achieve its end. The software begins with trying every keyboard character, then two key combinations, then three and progresses from there.
User BAD HABITS:
- DO NOT stick your passwords on your monitor;
- DO NOT place a piece of paper with your passwords under your mouse pad or keyboard;
- DO NOT keep the same passwords for longer than 2 months at a time, change them ALL regularly;
- DO NOT use the same password twice;
- DO NOT store all your passwords in an Excel spreadsheet.
GUI (Graphical user interface:)
The database in my own Sticky Password software, currently holds around 140 log-ins and passwords for me. The GUI is clean and easy to navigate from one purpose to another. I found all functions/set-ups to be intuitive - even for those who have never used such programs before.There is a column on the left side, that allows you to configure the various functions within the interface. The top section being :
Tasks: You can see all your password accounts with export/import settings and the ability to rescue unprotected passwords from elsewhere. There is also a very efficient search function that allows you to search your database if it becomes really large.
Settings:
You can choose to have a Master password AND your normal password. If anyone does manage to hack into your system, they're not only going to have to figure out each password for each account; but also the Master password that unlocks the normal password. This may seem like overkill to you, but believe me, it won't if you ever find out that you're the target of a hacker.
Some users tend to bypass using the Master password, but I prefer to use it and have that extra layer of password protection. You've probably read my views on which encryption algorithm is best, however it bears repeating again. This program uses AES (aka Rijndael,) which is also the same algorithm used by the U.S. military to keep their Secret Documents safe from those who have no business reading them.
Should you wish to do more reading on this encryption algorithm, Wikipedia would be a great place to start.
There aren't any other settings to configure - which means that you can get up and running almost as soon as you install the software.
Restore:
Interestingly, any new passwords that are created are automatically added to the last back-up that you ran for the program. This section will also show you a log of any back-up changes. A calendar to the left, displays past back-up dates, so that you can see at a glance, the last time a back-up for your passwords was run.
I have tested the restore feature, and I have to say that it does work like a charm. :)
Help File:
Clear; in-depth and efficiently laid out - and best of all, contained within the program, not forcing the user to open a browser, like some software does.
Customer Service:
One person I know received assistance from Lamantine Software within a few hours. When she lost her registration key, they gave it back to her without issue.
Although I've had no reason to use them myself, I have no reason to believe that their customer service regarding other issues, wouldn't be handled just as promptly.
Features:
This software has so many features over other password software, that it really made my choice easy.
- Binds password management features to any software on your computer, not just limited to browsers;
- Multiple browser compatibility;
- Portable database, with USB use facility, (costs US$40.00 extra to include this with RF!)
- Anti-phishing feature: e.g. when you are submitting a password on a website, it detects whether or not it’s on the domain name showing in the browser or if it’s a fraud or simulated one;
- Excellent demo instructions that teach you well;
- NO toolbar installation. (RF does install a toolbar;)
- Indicator button on task bar lets you know when Sticky Password will work with a particular program;
- Extremely strong and effective password generator;
- Easily imports passwords from other password programs;
Automatic form filler;Can save a huge amount of working time logging into sites that you visit frequently; (I visit many in the course of a day!)
Doesn't just store the password, but also your username/login information;
Supports Bluetooth authentication to secure database;
Encourages users to choose stronger, safer passwords;
- Export the DB to a text file;
- Virtual keyboard; I love using this feature!
- Can handle multiple log-ins for the same site (eg: different profiles;)
I honestly haven't found any as yet. But as with any review, if I find any subsequent flaws or bugs, I'll add an addendum and credit it to the person who made me aware of such.
Points:
- Originality: 7/10
- Functionality: 8/10
- Intuitiveness: 8/10
For the amount of functionality; features; strength and peace of mind that this little application can give you, the asking price is an excellent one.
Summary:
Sticky Password is truly efficient software to store all your passwords with absolute safety, both on-line (with browsers,) and OFF-line with other programs that you own, which might also contain sensitive or private information.
It works straight out of the tin and doesn't make any claims or promises that it can't keep. As I mentioned earlier, I swapped from another title to this little software gem and plan to remain with it.
Recommendation:
I do recommend Sticky Password. I've been using it for many months and still haven't found any other software that comes to par with it.
Why not spend a little time shopping at ~ Software by Swan ~
If you enjoy my reviews, please vote for this blog - votes are always appreciated and give more visibility to my clients and their products, which therefore obtains more work for me - thank you! :) Not to mention that it improves your own karma!
Enjoy the gorgeous fall day everyone! :)
~ Swan
All Content is Copyright (c) 2007 Swan-Reviews-Almost-Everything.blogspot.com - All Rights Reserved.
KudoSurf Me!
Shop for your software needs at: ~ Software by Swan ~
Developers, Software Houses and Web Designers:
Please contact Swan if you'd like to purchase a candid, constructive review, under privately agreed terms, of your software; games; or web site design.
Advertisers:
Please contact Swan, if you'd like to arrange for advertising of your product on this web site.
Related Articles
Comments
Be the first to leave a comment!
About the Author
21 Kudos
+ Kudo
People in Pictures
Top Culture Articles
 |
Late Night Jokes about Sarah Palin
Sarah Palin sparks a cultural war of words.
|
 |
Is Gay Marriage Anti-Black?
What does gay marriage mean in black America?
|
 |
Top 10 Questions about Body Piercing
“Finally got myself some guts and did this! And oh yes, it hurt!"
|
Popular Culture Zines
