FAQ: Frequenly Asked Questions

View previous topic View next topic Go down

FAQ: Frequenly Asked Questions

Post by Admin on Wed Mar 02, 2016 12:34 pm

I don't get it.  What does this do?

This is what computer security professionals recommend for your passwords:

  • Never use real words or names.
  • Never use simple patterns like "abcdef" or "123456" or "aaa111".
  • It's best to have a computer generate a sequence of random characters for you to use as a password.
  • Your passwords should be long, i.e., at least 12 characters and preferably longer.
  • You should have a separate password for each and every site/app you use.
  • You should commit your passwords to memory.  Never write them down where people could see them or store them where hackers could get them.
  • You should periodically change your passwords.

We believe actually managing your passwords this way is not possible for a human being, even for computer security professionals.  However, Password Alchemist makes following those guidelines manageable and even easy.

If you give it a weak password, Password Alchemist will give you a strong password.  Suppose you can never remember your password, so you like to use "password" or "abc123" as your password.  Suppose you want your forumotion.com password to be "forumotion" so you can remember it.  Those are easy to guess and are insecure.  Type any of those into Password Alchemist and it will generate a strong, secure password that is unique to you and to the text you entered.  As long as you type in the same weak password, Password Alchemist will give you the same secure password.  Passwords are now easy to remember/retrieve and nearly impossible to guess.

So, this is a password manager?

No.  Unlike a password manager, Password Alchemist never stores your passwords.  We don't even store the weak passwords (site names) you enter in a way that someone can figure out what you've entered.  And, unlike a password manager, Password Alchemist doesn't store the usernames you use with your passwords.  If a hacker breaks into your password manager, the hacker gets everything he needs to use every site/app you use -- your username, password, and the site/app for which they work.  Not so with Password Alchemist.

Password Alchemist generates a password as a random sequence of characters based on the text you've entered as a site name, and it does this in a repeatable manner.  So, every time you enter the same text site name, Password Alchemist will generate the same password.  That's what Password Alchemist does.

What Password Alchemist is is an additional security layer between you and on-line services you use.  Suppose your on-line banking password is "bank" because anything more complex is just too hard to remember.  Most on-line banking sites and apps won't let you use something that simple as a password.  It's just way too easy to guess.  However, if you enter "bank" into Password Alchemist, it will give you a password like "CufIbkak3ueu%0x:".  You can then use that as your on-line banking password.  You only have to remember "bank" but your on-line banking password is "CufIbkak3ueu%0x:".

If you like, you can store passwords generated by Password Alchemist in a password manager.  However, some computer security professionals recommend never storing passwords with access to your money (banking and perhaps even online shopping sites) or other particularly sensitive passwords in a password manager.  For those passwords, Password Alchemist is your best bet.

What if other people use the same site name?  Will they have the same passwords?

No.  Each installation of Password Alchemist generates entirely different passwords for any given site name.  For someone to get your password, they'd have to use the same site name you do and use it with your Password Alchemist.

Why do we have to enter a site name?  Does it really have to be a site name?

We call it a site name because it's really a good idea to have a different password for each site you use.  An easy way to do that is to use a different site name for each site or app you use.  For example, you could use "amazon" as your site name for amazon.com and "gmail" as your site name for gmail.com.  But, Password Alchemist will accept any text you enter as a site name (e.g., "password", "abc123", "letmein", etc.) and generate a password from it.

What if I have to change my password for a given site or app?

Suppose your bank forces you to change your password periodically, e.g., every 90 days.  There are two ways you can do that.  One is manually: you can use the site name "bank1", "bank2", "bank3", etc. for each password change.  You can make that a little easier by using a site name like "bank 16q1" for first quarter of 2016.

However, you can use the same site name and tell Password Alchemist to change the password it gives you.  Using the Change Password tool, you can enter the same site name (e.g., "bank") and Password Alchemist will give you an entirely different sequence of random characters to use as your newly changed password.  You can change your password as often as you like, but your site name can remain "bank" as long as you like.

Admin
Admin

Posts : 3
Join date : 2016-03-01
Age : 54

View user profile http://passalch.forumotion.com

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum