May 22, 2013

Manage Your Passwords

It’s not a secret that there are plenty of threats out there in Internet-land; as you may remember from the Watch Your Links post, the bad people out there are going to increasingly great lengths to get us to divulge passwords. Truth be told, in addition to just paying a little closer attention to how we use Internet-based resources, the best protection against fraud and identity theft on the Internet is to use a good password.

We’ve all heard the recommendations – but they’re worth repeating here:

  • Use something only you will know, but that is not easily guessable (meaning your kids’ names are a bad choice)
  • Mix in upper and lower case letters
  • Use numbers and special characters (such as !, & or @) wherever possible
  • Don’t use the same password everywhere (this is very important)

That last one is a really big deal – using the same username and password combination for everything from Facebook to online banking/credit card management inadvertently creates a single point of failure and a massive exposure. Once it’s breached, the thief has the keys to the kingdom. Literally.

This is where the reality fairy pays me a visit and says “there’s no way people are going to do this, even though they know they should.” And the fairy would be (mostly) right – which is why there are tools to help us do the right thing, and they’re called Password Managers.

Password Managers are add-on solutions that keep a list of the sites we use and record the username and password each one requires, so they’re on hand when it’s time to authenticate. Usually there’s a master username and password required to open up “the password vault”, but once that’s been opened, the tool will auto-fill the information when it’s requested. Many of you will say “doesn’t this also create a potential single point of failure and exposure?” The answer is technically yes – which is why the password to the vault must be extremely complex and difficult to crack.

There are a number of tools out there – some are free, some are included with your browser and some are paid/subscription services. Some examples include:

  • Password Safe (Free app, Windows only)
  • 1Password (Paid app, Mac OS X only)
  • RoboForm (Paid app, Windows only)
  • Firefox Password Manager (Free, built into the browser, cross-platform but Firefox only)
  • Chrome Password Manager (Free, built into the browser, cross-platform but Chrome only)

My preference is LastPass – and here’s why:

  • It’s cross-platform: I run it on Windows, Mac OS X and Linux
  • It’s also cross-browser: it installs as a plug-in to Firefox, Chrome, Internet Explorer and Safari
  • It permits organization of sites into folders, for easier bulk management.
  • It will generate secure passwords for you, if you want it to.

For me, it doesn’t matter which machine I use or which browser on whatever machine I’m on, my vault is accessible and integrated into the browser. I can’t begin to describe how much time and effort this saves me. This doesn’t even include the time saved by another LastPass product called Xmarks – another huge time-saver and must-have.

Here’s the best part – it’s free. But if you’re smart and want to be like me (and who wouldn’t), shell out the whole $12/year to be a Premium user to get the real value:

  • There’s an app for your smartphone/tablet that allows you to access your LastPass Vault – and I use it often.
  • You get Priority Support. You shouldn’t need it, but it’s there.
  • There are no ads – to me, no ads alone is worth $12/year.

I am of the firm belief that in life, you get what you pay for. LastPass is worth every bit of my annual subscription costs. Being a subscriber also provides the company (in some small way) a revenue model that helps sustain the product. I like it, I don’t want it to go away, so I’ll give them some money. Everyone wins.

(DISCLOSURE: I have been a paid LastPass subscriber for some time, and I endorse it because I like it and use it – not because I got a free offer in exchange for a product plug.)

So if you’re worried about keeping your passwords straight, no need to worry. There are solutions to make your life easier.

Be safe out there.

We at BTD also recommend reading (or viewing) these links, as they provide some additional ways to secure yourself.