What's your mothers maiden name?

We're all familiar with these questions, I have even used something similar on this site you can use as last ditch effort to recover an account. They make recovery of passwords usually an easy venture but what you may not be aware of is that many accounts get hacked because of them. It could be just as easy for someone else to answer these questions. This might be your spouse, ex wife or girlfriend, co worker or someone that just doesn't like you. The recent example of Sarah Palin's mail account getting hacked is a prime example. I believe the question was "What High School did you got to?" or some similar question where the answer was easily found. Some of the other questions may not be easily found but it doesn't preclude someone that knows you from knowing the answer.

The solution is quite simple... Lie. Most of these questions will allow any answer.

Q: What's your first pets name?
A: biyregrbivnygntvgnterthnb

Don't use Astro either.

Of course that screws up the reason for them in the first place which is to make it easy for you to remember. There are other solutions for that specifically password lockers. I'll recommend Keepass, this will allow you store all your passwords in one place locally on your own computer. The file itself is encrypted and password protected if someone gains physical control of your computer. The software allows for many other things besides listing the username and password, there's a notes section and you could for example use different answers for these question on every site.

What a cool little program! (Unless there's some secret back door that mails all your passwords to the inventer LOL) How long have you been using it? I just downloaded it. Once I hear that you've used it woth no issues I'll install it. Thanks!

I've been using it for quite a while and it's quite popular, I really need it as I have so many passwords between the server, forums, ftp... the list is endless. I probably have 50 entries.

It's open source which means anyone can download the source code and read it so backdoors are really hard to place.

Here's a quick tip, you can right click an entry which will place the password on the clip board for 10 seconds so you can just paste. The 10 second limit can be changed in the options.

Is it equal to or better than Roboform, which encrypts passwords and uses one master password, but also fills out forms?

I don't know how the two compare but they appear quite similar. There are other programs that do this too. The file it stores on your computer is encrypted. It doesn't automatically fill out forms but there are some plug ins that will allow it to do that and some other things. Having said that I'd be leery of anything that was performing automatic actions. Do you have it invoke it before it will fill out a form? I would certainly hope that is the case.

Even where you have forms that you specifically want it to fill out they could have hidden fields. For example suppose you go to website and only want to provide your email address, if the form had hidden fields for phone, address etc the program could fill in that data and you would never even know it was filled.

Yes, you have to log-in to have it fill out forms, but when you set it up, you fill out all the information that you want displayed in any form, so if you don't want a specific bit of information to automatically be in any form, just don't include it in the master.

Our lenovos came with ThinkVantage Password Manager. Works really nice, automatically fills in USERNAME/PWD on online forms and websites. Single password controlled. Many options. Can be turned off & on.