Sure, as an activist you have better things to do than memorizing passwords, but does that mean you should keep using “Che1928” for all your accounts ? Bad idea, seriously ! Not only could your password be leaked by a law- abiding provider or exposed by a security flaw, but it also can be hacked using a simple PC in a couple of minutes. If you don’t believe me, enter your password here, you will be surprised …

The solution to the problem is actually pretty simple. First, you need to come up with ONE strong password. The internet is full of guides on how to do this and yes, length is important. Actually if your password is long enough you can ignore most of the other hints and guidelines, as explained in this nice XKCD comic.

Once you have the “one password to rule them all”, you use it as master password for  KeePassX and generate a strong password for each of your online accounts which you simply copy / paste into the browser afterwards.

Why KeePassX ? It is Open Source, easy to use and is available for all major operating systems. For Android there is a compatible app called KeePassDroid, allowing you to take your passwords on the road, together with other sensible data like banking pins etc., that you have been storing “cleverly” disguised as a phone numbers or just written on a sheet of paper in your wallet until now.

If you are regularly adding or changing passwords, you will want to sync the ,kdb file between your different computers and your phone. You can use any cloud storing service for this, even Dropbox or M$ One Drive because KeePassX uses strong client encryption to keep your passwords safe.

Of course it is a little work to set it all up and change your online passwords, but once you get it working, KeePassX solution is surprisingly comfortable. And, most important, “we have been hacked – please change your password” emails lose a lot of their horror because it takes just one minute to generate a new password for any account.