portable apps

New Device: iPhone

I’m psyched!  I’m long overdue for a hardware refresh, and Christmas helped move me along.

On the digitalism front, I’ll be testing my resolve…since I’ve really acquired a portable computer that doubles as a phone.  The iTunes app store is something I’ve had no interest in, but after only 48 hours of getting my hands on the phone, I see it’s going to be tough to hold off on adding lame and unnecessary apps.

Already on my netbook, I’ve installed iTunes (and its required QuickTime).  It’s a bulky app, but a fairly necessary evil for managing iPhone media content.

I’ll be updating the rest of the site soon.

I’m Excited: PortableApps Adds Freeware

I’m adding a few new PortableApps to my arsenal since they’ve started offering portable versions of some popular freeware.  My first adds are:

  • FreeCommander
  • Skype
  • SpyDLLRemover
  • IcoFXPortable

I’m holding off on portable Google Chrome for now…as I’ll be tempted to uninstall my local copy and I’m not ready to do that until I hear some feedback on the PortableApps version functionality.

The official announcement is here if you care to read it.  Anyone else excited?

Passwords…on (in?) my digital keyring

We all have passwords, and they need to live somewhere.  My history:

Oh the days when they could all be kept straight in my head…that was great.  I was a big fan of picking a single word, then substituting in one numeric character for a similar looking letter.  5wordfish and c1etus were my favorites.  You may recognize Cletus as a (then) lesser known character on the Simpsons.  Who ever would think that I’d pick his name, and be smart enough to stuff a letter in the middle?  Those were the days.  My Geocities account couldn’t have been safer.

Eventually, sites started requiring an uppercase letter…fine.  Then C1etus it would be.  However, this soon morphed into inconsistent requirements from web account to web account.  Lame.  Okay…time to formalize this a bit further…add a rule so I’ll know it’ll be one of three potential password case combinations.  Swell.  It’s a little more complicated, but I can handle it.  Most of these sites don’t lock me out with three tries anyway.

This worked pretty well, but shoot, soon my standard username was taken by someone else.  Who would have thought that “soupanderson” would be such a popular handle?  Soon, two handles became three, became a dozen–and was sometimes one of my four email addresses (a lot at the time).

This turned into a text file with codes…website name, code for whether it was a username or email address, last letter of the user name, then a hint to which of my growing array of passwords.

Lately, every site thinks their formula for password requirements is somehow better than any other site.  Must be 9 characters, have at least one uppercase letter, one lowercase letter, one number, one special character, no spaces, and no repeating letters.

IE and Firefox (ok, an chrome too) have integrated password managers.  I adopted the Firefox password manager with an extension called “master password timeout” which forces me to enter a super password if I’m not active in the browser for any 2 minute period.

This worked great…but made me nervous.  I’m not the best at locking my workstation if I walk away, and I was an early adopter of portable applications (read: carried my digital life around with me on a 512MB USB drive, later my iPod).

Then came the popularity of online banking.  All of a sudden, I could access secure information about my financial life through my home (or public–yikes) PC.  It started with credit cards, then moved to online brokering and banking like e-trade, then got mainstream with Wells Fargo, TCF Bank, and US Bank. At this point, it didn’t take a slack-jawed yokel to recognize that a simplistic password strategy was just asking for trouble.

I decided to abandon the browser-saved-credentials ship while I was ahead of the game.  My go-forward solution:KeePassPortable (based on KeePass Password Safe).  I’ll deep-dive on the app another time, but the important bullets include:

  • Encrypted password file: All of my passwords live in one file, which i can back up as desired, and have a single, ridiculously difficult password to remember, as well as an optional keyfile.
  • Easily searchable: one search box to go through my entire password database.
  • Lightweight, portable application: It’s not intrusive into my computing experience, and open source to boot.
  • Each entry gives me latitude to add notes and other meta data so I can keep things straight.

The biggest downside is that I find myself more and more dependent on KeePass.  As this compounds, I need to open my password file more often, which provides more opportunities for my master password to be compromised.  Though this can be a bit nerve-racking, a good password rotation should keep this in check.

I’ve held firm with the KeePass approach for a solid couple of years now, and it’s still the best play as far as I’m concerned.