Pinterest Stumbleupon Whatsapp

mitto.logo.shadedI’ve been a long-time nay sayer to any sort of online password manager, citing mainly reasons of security, and I took upon myself to maintain a Google Docs spreadsheet with all my >=12 character passwords How To Create Strong Passwords That You Can Remember Easily How To Create Strong Passwords That You Can Remember Easily Read More . Believe me, remembering random strings of ASCII is not an option. I’ve now discovered Mitto and consequently changed my tune on the issue. Let’s see what Mitto can do to improve your online experience.

So what changed my mind? I wanted to start the new year with a clean cyberspace, so I went through online accounts, emails, folders, Twitter and even my WordPress installation. Then I realised that my spreadsheet was in disarray: old passwords, usernames missing, multiple entries for the same service. The sheer number of passwords made managing that spreadsheet too much work, and after all, I didn’t have missile launch codes to protect. I could live with a little bit of uncertainty – after all, it’s the giant cheesecake fallacy. Even if they could access my passwords, why would they?

manage your passwords

Mitto is a web based service to help you manage your passwords by enabling you to use high-strength passwords 5 Free Password Generators For Nearly Unhackable Passwords 5 Free Password Generators For Nearly Unhackable Passwords Read More for your online accounts without having to remember the actual string. Once inputted to its database, you can log into any of your websites with one click. Think of it like AutoComplete for your passwords, but with strong encryption, good security policy, and organisation tools. Don’t worry, the adding process is straightforward and it won’t take you more than 30 seconds for each service. They even provide a bookmarklet that let’s you add services directly from the login page – with one click.

Now that you don’t have to remember complex passwords, you can use something like the GRC password generator and update all your passwords with stronger ones. Another feature is the tagging capability – especially for those with a very large number of logins. Two email accounts from the same provider? Simply tag one with “work” and never get them mixed up again. But most importantly, there’s nothing to install on your computer to manage your passwords – you can visit and use Mitto from any browser on any platform you’d like.

how to manage your passwords


For starters, Mitto uses 128-bit SSL certificates to encrypt the connection between you and their server. They also claim to employ physical security by protecting servers in the datacenter, which has been audited (SAS 70 Type II). Servers are stored in locked and and inventoried racks,  and access to the facility can only be made through secure gates. At the application level, passwords are encrypted with 1024-bit RSA or 256-bit AES, which is good by today’s standards. They are certified by TRUSTe and McAfee as secure for known XSS (Cross-site Scripting), XSRF (Cross-site Request Forgery), SQL Injection, Session Fixation & Hijacking. More details about the security measures is available on the Mitto website.

manage your passwords online

The sign-up form gets good points for asking a security phrase, which all genuine messages from Mitto will contain as a security precaution. Unfortunately, the questions for resetting the password are the standard set, and information like your first car or job can be easily found. If an attacker correctly guesses the answers, the only thing stopping him is access to your email account, so make sure that is protected.

Mitto is very flexible, easy to use, and most important, it’s completely free. You can sign up by visiting To end this article on a rather classy note, here’s a quote I remembered: “On the day when we can fully trust each other, there will be peace on Earth.” Do you guys know who said it?

  1. Nyuszika7H
    March 21, 2010 at 3:20 am

    I'm using Mitto, and I can say it's PERFECT! I had only one problem with it; sometimes I forgot to login to Mitto, and the bookmarklet said I must first login to Mitto. From today, I'll use the Mitto sign-in page as my homepage, because if I click on the bookmarklet, I want the login to be fast.
    And I didn't even say that their support is also great.

    I can recommend it to anyone! I used LastPass, but it was too hard to use. I also tried PassPack, but Mitto is better.

  2. Anandarajeshwaran.J
    January 11, 2010 at 3:33 am

    I prefer the excel sheet to maintain my passwords. I dont want to leave my passwords lying in some server how protected it may be. I know maintaining a excel sheet is a pain and requires a lot of copy paste while logging. I dont have the whole password in my excel sheet. If a site name begins with vowel i prefix some text to the pwd in the sheet. If it does not begin with a vowel I suffix it with some other text (the prefix and suffix are same for all the websites).So even If someone opens my excel sheet he will not be able to make use of my passwords.This is my own encryption.

  3. Feketelaszlo
    January 10, 2010 at 1:09 pm

    Well, I keep my login names and passwords in a small book. Naturally I am the only who knows where this book is. That's safe password-management.

  4. Linda
    January 7, 2010 at 10:18 am

    Oh, and I forgot, the bookmarklet is awesome! If you want, you don't need to go to Mitto each time to log in, you can use the bookmarklet from the site you are on to log in. They just wrote a blog about it:

  5. Linda
    January 7, 2010 at 10:15 am

    There are a couple of things that I like about Mitto:

    1. It's fully functional online. I don't need to install a plugin or just works the same way from every browser and operating system.

    2. I can add extra security with my cell phone. This way if I log in from an unrecognized computer, it sends me a unique text message to my phone which I need to enter to continue. Bank of America does this too, and I really like the additional layer of protection.

    3. You can intelligently share passwords with other Mitto users (i.e. my husband and I can both access our common online utilities accounts, and if one of us updates a password, it gets updated automatically for the other person).

    4. It's free, with no limits on the number of passwords you can have. They do mention the fact that a paid version and a business version will be available at some point, but they also say they plan to offer the basic service for free.

    January 7, 2010 at 5:12 am

    So how would you compare LastPass to Mitto? I have been thinking about switching from RoboForm to LastPass.

    • Stefan Neagu
      January 7, 2010 at 6:22 am

      Because I don't want to use any browser plugins or standalone apps, Mitto is the best solution for me.

  7. Ps3 Modern Warfare 2
    January 7, 2010 at 4:55 am

    I haven't used yet such technique to manage my password so securely but as it seems so great, i would like to give it try.

  8. Alex
    January 7, 2010 at 1:58 am

    Has anybody tested if Mitto works with Opera Mini on e.g. a Palm Treo device ? Would make mobile surfing a lot more comfortable, so I really would like to know.

  9. kadals
    January 6, 2010 at 8:49 pm

    are you sure it secure??

    • Stefan
      January 7, 2010 at 1:01 am

      Like everything on this earth, it's a gamble. You could choke on your toast one morning and die but that doesn't mean you won't eat bread. I assume by the data they provided that it is reasonably safe. The same way a Facebook account is safe or an online banking service. There isn't something 100% safe and unbreakable.

  10. Maggie
    January 6, 2010 at 7:37 pm

    ^Yeah, what he said. Lastpass integrates into your browser. Can this do that?

    • Stefan
      January 7, 2010 at 12:54 am

      It doesn't integrate with the browser, you have to visit the site each time. I really don't care for that feature because it only takes a couple of seconds to switch the tab to Mitto and login. Plus the majority of sites keep you logged in for a long time, like Yahoo Mail at 2 weeks.

      • Brian
        January 7, 2010 at 10:08 am

        You don't need to visit the site each time, because with their bookmarklet, you can go to the site you need to log into and use that to have it log you in. Check out the video tutorial:

  11. Stephen Li
    January 6, 2010 at 6:17 pm

    seemes like mostly the same features as lastpass

    i still find lastpass more convenient

Leave a Reply

Your email address will not be published. Required fields are marked *