April 18, 2006 7 Comments
From a security standpoint, I should have unique usernames and passwords for 40+ services. Think about all of the services you’ve used that/those good password(s) on—the last.fm, myspace, facebook, itunes, xanga, livejournal, gmail, hotmail, aim, msn, icq, yahoo im, all of the forums you may be a part of, del.icio.us, blogger… oh and if you’re of the techie persuasion… your active directory password, your shell passwords, your ftp passwords, your email accounts, the databases, mailing lists, gallery installs… the list can go on forever. Most of us aren’t oblivious enough to write the passwords down—or worse, create a text file with a list of our accounts/urls and passwords… let’s face it:
By using a fixed set of passwords that do not fluctuate, we have created a gaping bottleneck which could serve as a gateway to a complete identity breach.
I’m sure as hell not smart enough to remember a strong unique password for each service that requires a username/password set. If you’re that smart, you should be reading books about String Theory or a writing really complex musical piece. Unique Strong passwords are a nightmare to manage! Any way you slice it, even if you have a ‘password convention’ you still aren’t being as secure if you had completely independent passwords.
Enter password management software. Enter Defygo.
Defygo is software designed to make your security easier to obtain. The software’s name is a play on the Latin word for security. It’s been pretty awesome watching this piece be developed. The staff at e-liberty has been hard at work on this project for a while.
The feature of Defygo I use the most is a roaming identity management. It’s a password vault that is web based. The obvious question here is “should I trust it?”—let’s just say if there is a compromise of their technology it could be considered a miracle in my eyes. Other features include email encryption, file encryption, and a secure buddy listed messaging program (cryptograms).
A little more on Defygo’s security…All data is all transferred over SSL—- everything is encrypted. I was lucky enough to get to see their master database from phpMyAdmin and it looked like I was staring at The Matrix. I could go on more about how secure this program is, but I honestly do not understand all of the security behind it. If you’re a security guru, Defygo’s Tech Specs should appease your needs.
So…if you’re not a super genius and you value your digital identity, give Defygo a try.
Oh, and for the developers out there: The Frontend is done in VB.NET (maybe this will make Scoble happy) and the backend operates on PHP/MySQL (which makes me very happy).