How many passwords do you use in your daily life? Do you use the same one for all accounts?

Online_Banking1Online banking, business applications, online shopping, mobile phone account access etc. all require you to create ‘complex’ passwords. To help make it easier, many people use simple and personal reminders to create them and then use the same password across multiple accounts, leaving our accounts vulnerable to hacking. For example;

How many of us use our personal information that is available publicly on our social networking pages, within our passwords? Children’s names, favourite pets, dates, education information etc. we happily publish this online and and is easily retrieved. So no personal data and using a complex password format it is.

What is a Complex Password?

A complex password should consist of 8 -14 characters, with uppercase and lowercase letters and also include special characters e.g. @!#. The best passwords are made up of a random selection of these characters but are then very difficult to remember and after locking yourself out of your Facebook account again, you may be tempted to revert back to your old habits.

Using simple reminders or personal information, in the complex format, may now seem like a good idea again but with basic hacking tools and a quick scan of your social networks ‘5ocKs2003!’ doesn’t pose a major problem for a mediocre hacker, and all because you love your cat! Facebook-Login_1

So, how do you ensure all your accounts are using a secure and unique password and that you will be able to remember easily and get access quickly? You use a password manager.

What is a Password Manager?

Firstly, a password manager is exactly that, a place where you manage all your passwords. A Password Manager will collect and store any passwords you create when online, usually during account creation, or the next time you login to a site.

The initial benefit of this is that you only need to remember the one complex password to login to the password manager. All the others you can change to the most complex and obscure passwords imaginable and this tool will remember them. Changing all your accounts to obscure and complicated passwords will reduce the likelihood of your most important information being compromised.

A password manager is a Web Browser Plugin that links to its parent site for cloud storage. When you go to a site the plugin will check if it has an account entry for the site and auto populate if required. If you create a new account and password, it will ask you if you would like it saved and store it in the cloud. There are also Mobile Apps for when you are on the go, and they work the same way.

How secure is it?

To ensure your Password manager stays secure as possible, it will only allow you to create a complex password for the account and It will also use multi-factor authentication as an extra level of security. This means that when you use your username/complex password to login, it will also ask you to confirm your identity another way i.e. fingerprint, facial recognition or by using an authentication app on your mobile phone. With this extra level of authentication, someone could get your account name and password but will still not be able to get access to your stored passwords. Very Secure and also Free!!

Password Managers will also;

·        Generate complex passwords for you

·        Allow you to share access to a site, without sharing the actual password

·        Provide a phone app version for when you are mobile

·        Password strength reports to highlight poor/simple/duplicated passwords

Top 3 free password managers

·        LastPass

·        LogMeOnce

·        1U Password Manager

If you don’t think that a Password Manager is necessary, make sure your passwords follow best practices;

Password best practices

·        Always use complex passwords using Upper/lower and special characters

·        Do not use personal information in your passwords

·        Change your passwords every 12 weeks

·        If you think your password, or you your account, has been compromised change the password.

 

Written by Nick Trott

Nomadic IT Professional who loves the mountains

2 comments

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s