Make Your Password Manager More Secure by Changing a Simple Setting

If you’re storing all your password in a password manager (as you should), you might be worried about someone gaining access to your files and brute-forcing their way into your password collection.

The best way to avoid this is by using a strong, random password, which will be impossible for a hacker to brute force. However, with the constant advances in computing power and hacking techniques, the bar for how strong your password should be is constantly increasing.

Luckily, there is a way to significantly improve the security of your password manager, without increasing the complexity of your password, and without much effort on your part.

All you have to do is change a single setting: the number of key transformations (also known as ‘password iterations’). Basically, when you input the master password in order to access your database, the software transforms this key multiple times before checking its validity (a process known as ‘key stretching‘). The more transformations, the longer it takes to check if a password is correct, and the longer it will take someone to brute force their way into your database.

KeePass, for example, currently specifies a default value of 6,000 transformations. However, on most modern computers, you could easily change that number to several million transformations without experiencing a noticeable increase in software loading time. This means that if you increase the number of transformation to 6,000,000, a hacker will now take 1,000 times as long to crack your password, while the program will still load almost instantaneously when you input the correct password.

In fact, KeePass lets you set the number of transformation so that it takes the computer exactly 1 second to check the password. On modern computers, these values can often far exceed the 6 million transformations value.

 

The KeePass database setting for changing the number of iterations/transformation the master password goes though.

 

Keep in mind that the loading time will vary for different devices; this will be especially noticeable if you access the password manage on mobile, so make sure you’re not setting the value too high.

Likewise, the optimal value might be different if you use an online service, such as LastPass, which currently recommends not exceeding 10,000 password iterations for client-side encryption (compared to the default 5,000), though they do allow users to go as high as 200,000.

The setting itself is generally easy to find in all platforms. In KeePass you will go to File > Database Settings > Security. In LastPass you go to Account Settings > General > Show Advanced Settings > Password Iterations.

 

LastPass setting for controlling the number of password iterations.

 

One more thing worth noting: while this post focused on password managers, this advice is also applicable in other types of encryption software. VeraCrypt, for example, allows you to set the number of iterations used for encrypting volumes, using their Personal Iterations Multiplier.

 

Summary and Conclusions

  • The master password to your password manager undergoes multiple transformations/iterations before being verified; this number scales linearly with the time required to login.
  • By increasing the number of transformations, you can easily improve the security of your password database.
  • This will lead to a negligible increase in software loading time for you, but will significantly increase the time it takes to brute force the password.
  • When setting the number of transformations, make sure to account for the different processing power of the devices you will use to login (especially if you use mobile).
  • Instructions on how to do this are generally easy to find. If unsure, search for ‘software name + key transformations’ or ‘software name + password iterations.

 


Fold Paper Towels to Save Time, Money, and the Environment

Folding paper towels makes them more effective at absorbing liquids, which can help you save a bit of time and money, while also reducing your ecological footprint. This obviously has only a small impact on things, but considering it’s something you just learned in about 10 seconds and can easily implement, it’s definitely a useful thing to know. If you’re curious why folding your paper towels is beneficial, read on.

 

Why folding is better

Folding your paper towel makes it a more effective cleaning tool for two primary reasons:

  1. Increased absorption rate- this occurs due to laminar flow channels between the between the folded parts, which reduce the viscous flow resistance.[1,2] All this increases the rate at which the towel is able to absorb water through capillary action.
  2. Greater absorption capacity- a folded towel can hold more water than an unfolded towel of the same size, because water is stored between the folds of the towel. (A TEDx talk on the topic refers to this as “interstitial suspension”).[1,3,4]

There are two other advantages to folding. First, folding the towel means that it is able to absorb more liquid at each pass (even without interstitial suspension), so using it will require less time and effort on your part. Second, a folded towel is going to be smaller, so a greater portion of its area will come into direct contact with the liquid, leaving less unused (and therefore wasted) edges.

Aside from saving you time and money, saving paper towels through folding is also good for the environment: millions of tons of paper towels are currently used annually around the globe, and the North American market has the highest rate of consumption per capita.[5]

 

Picture of the trees you're supposed to save.

 

In terms of folding it in half or in thirds: it appears that a tri-fold is generally more effective than a bi-fold.[4] Based on this, it’s reasonable to assume that folding more is better, but there is likely to be an upper limit where you’ll start running into absorption issues. It’s up to you to decide how many times to fold it, based on what works and on what’s most convenient; this would obviously depends on the size and type of the paper towel.

 

Saving paper when washing hands

Since we’re already talking about helping the environment, another thing you can do is shake your hands over the sink a few times before wiping them with a (folded) paper towel. This helps reduce the amount of paper towels you need in order to dry your hands. In terms of time, there is no noticeable impact, since the time shaking your hands balances out with the time wiping them with the extra towels. (This method is originally referenced by this TEDx talk as the “shake and fold”).

 

Summary and conclusions

  • Folding paper towels increases their absorption rate and capacity.
  • Folding your paper towels before using them can help you save time and money, while also helping the environment.
  • After washing your hands, shaking them before wiping can also help reduce the amount of paper towels you need.