Don't Clip Your Password
When a site requires you to enter the password twice there is a temptation to use cut-n-paste: enter the password once, highlight it, clip it (control+C or Edit->Copy), and paste it (control+V or Edit->Paste) into the second field.
While cut-n-paste may be easier than typing a long password twice, it does leave you exposed: the password stays on your clipboard, where a web program (or script) could read it and collect your data.
There are three ways around this:
1) Never clip your password.
2) Clip something else immediately after you paste your password.
3) Use a program that wipes the password automatically after so many seconds.
I have over 200 passwords I am supposed to remember, so I use a program called a "password safe" to store them for me. The password safe creates safe passwords, stores them securely, and makes using them easy. The one I got, KeePass, is available at SourceForge. This whole idea was started by the computer security guru Bruce Schneier. I've also seen some commercial password safes that go a little further and wipe out the copy of the password that will temporarily be stored on your hard disk.
Anyway, KeePass automatically enters my passwords, so I don't need to remember all of them and I don't need to copy-n-paste them. I also have it set up to clear my clipboard after 15 seconds. While I could do the job in 5 seconds, the extra time gives me some elbow room in case something happens, like when my anti-virus is updating and a little window pops up.
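The timed clipboard wipe described above, sketched as an added example (not KeePass's code and not part of the original article). MemoryClipboard and TimedClip are hypothetical names, and the in-memory clipboard is a constructed stand-in so the logic runs offline; a real backend would wrap the operating system clipboard behind the same get()/set() methods.

```python
import hashlib
import hmac
import os
import threading


class MemoryClipboard:
    """Constructed stand-in for the OS clipboard (hypothetical, for this example)."""
    def __init__(self):
        self._text = ""

    def get(self):
        return self._text

    def set(self, text):
        self._text = text


class TimedClip:
    """Copy a secret, then wipe it from the clipboard after `timeout` seconds.

    The wipe only clears the clipboard if it still holds the secret, so
    anything the user copied in the meantime is left alone.
    """
    def __init__(self, clipboard, timeout=15.0):
        self.clipboard = clipboard
        self.timeout = timeout
        self._key = os.urandom(32)   # per-object key for the fingerprint
        self._tag = None
        self._timer = None

    def _fingerprint(self, text):
        # Keyed hash, so this object never keeps a second plaintext copy.
        return hmac.new(self._key, text.encode(), hashlib.sha256).digest()

    def copy(self, secret):
        if self._timer:
            self._timer.cancel()     # restart the countdown on every copy
        self.clipboard.set(secret)
        self._tag = self._fingerprint(secret)
        self._timer = threading.Timer(self.timeout, self.wipe)
        self._timer.daemon = True    # never keep the program alive just to wipe
        self._timer.start()

    def wipe(self):
        """Clear the clipboard if it still holds the secret; return True if cleared."""
        tag, self._tag = self._tag, None
        current = self._fingerprint(self.clipboard.get())
        if tag is not None and hmac.compare_digest(tag, current):
            self.clipboard.set("")
            return True
        return False
```

A timed wipe only clears the live clipboard; it does not remove copies already captured by a clipboard history manager.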
When it creates a password, I can choose how many characters to use and which kinds of characters. Every character and every additional kind of character increases the strength of the password almost twofold. And it does so in as close to a random way as a computer can muster.
Dave Keays is an independent web programmer specializing in Drupal and the security of Drupal. In addition to web development, he keeps track of trends on the Internet.
Article Source: ArticlesBase.com - Don't Clip Your Password