Do you reuse your password across multiple websites and accounts? Is your password easy to remember? If you said “yes” to either of these questions, you are doing it wrong and making it easier for your personal or financial information to be compromised. Don’t worry, you can fix this quickly and easily, without remembering complex passwords.
The Complexity Problem
The human brain isn’t great at remembering complex passwords that have little meaning to us. While “rOver1418$!” is a strong password, it has meaning to you. The definition of a strong password varies depending on who you listen to, but it should be at least 10-12 characters and contain a random mixture of letters, numbers, uppercase, lowercase and symbols (depending on the specific website requirements). You won’t remember more than a couple of strong passwords, which means you’ll likely reuse this strong password across your Google, email, bank and Facebook accounts.
Why Reusing Passwords Is Bad
If you reuse passwords, and one of the sites you use is compromised, it’s possible that your password can be used to access your other accounts as well. Have you ever received an email from an account provider that forces you to reset your password because it may be compromised? Was it a password you used on another account as well? Did you remember to change that password everywhere you used it? Can you even remember everywhere you used it? Each account you use should have a complex and random password. Never reuse that password for anything else, ever!
Complex & Unique?
You’ll never remember that “4VNnBU3jMmRqz8c” is your Facebook password, “3h&u7lSYi#rU^!I” is your banking password, and “9JeWR5Rqp4unJVy” is your email password. This means you’ll probably write them down, and that could be just as bad. What happens if someone finds the list, you lose it or it gets destroyed?
Have You Heard Of LastPass?
LastPass is a freemium service that can solve all of these password issues. It has browser plugins for most browsers and mobile devices, making it easy to use. It will offer to generate a complex password for each new account, and allows you to save your existing accounts in its encrypted cloud-based storage. It syncs across your devices, meaning your passwords are up to date on your desktop, laptop and mobile devices, always! You can also store other encrypted notes, things like social security numbers, financial account numbers, and offline passphrases (like that secret word you have to give DirecTV when you call in to make changes to your account). LastPass is critical for maintaining a strong and unique password policy. You’ll only have to remember one password, your LastPass password. Make “rOver1418$!” your LastPass password and let LastPass handle everything else. Just don’t reuse a password you’ve used before when you create your LastPass account.
Wait, Wasn’t LastPass Hacked?
The short answer is “yes”, but the real answer is “it didn’t matter”. LastPass uses strong encryption technologies correctly. Each account has a unique “seed”; it’s like using a different password for all of your accounts. In short, some LastPass account passwords (not the passwords actually stored in the account) were compromised, but they were useless to the attacker. LastPass does it right, and you should too.
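To make the per-account “seed” idea concrete, here is an added example (not LastPass code and not part of the original post) that reads “seed” as a per-account salt and compares one shared salt against a unique salt per account. The use of PBKDF2-HMAC-SHA256, the iteration count, the user names and the passwords are all assumptions constructed for the illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # constructed value for this example, not LastPass's setting
SHARED_SALT = b"same-for-everyone"  # the weak setup: one salt for all accounts


def enroll(password, salt=None):
    """Build the record a server stores: salt, work factor, derived hash."""
    salt = os.urandom(16) if salt is None else salt  # unique per account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "hash": digest}


def check(password, record):
    """Re-derive with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"])
    return hmac.compare_digest(digest, record["hash"])


def accounts_sharing_a_hash(records):
    """Count accounts whose stored hash equals another account's hash,
    i.e. what a leaked table reveals about identical passwords."""
    hashes = [r["hash"] for r in records.values()]
    return sum(1 for h in hashes if hashes.count(h) > 1)


def demo():
    # Constructed sample: two accounts that happen to pick the same password.
    users = {"alice": "correct horse 42", "bob": "correct horse 42",
             "carol": "tr0ub4dor"}
    shared = {u: enroll(p, salt=SHARED_SALT) for u, p in users.items()}
    salted = {u: enroll(p) for u, p in users.items()}
    return accounts_sharing_a_hash(shared), accounts_sharing_a_hash(salted), salted


if __name__ == "__main__":
    with_shared, with_unique, _ = demo()
    print("accounts with a matching hash, shared salt:", with_shared)
    print("accounts with a matching hash, per-account salt:", with_unique)
```

With a shared salt the two identical passwords are visible as identical hashes in the stored table; with a per-account salt every record has to be worked on separately.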
Isn’t Relying On A Free/Cloud Service Dangerous?
LastPass has been around for a while, and they are not going anywhere anytime soon. LastPass is built on your trust; they want you to trust them. This means they also allow you to do things like download an encrypted store of all your passwords and then use the “offline” version of their app to decrypt it. It’s over the top for normal users, but truly paranoid/power users can keep local backup copies too. There’s no reason not to use LastPass.
What’s The Actual Cost?
For most users, a free account is all you’ll ever need. If you want some of their more advanced features like password sharing, you’ll need a premium account. It’s only $12 a year.
If the thought of relying on a password manager doesn’t seem important or you still don’t understand why you need LastPass, watch this short video.
Lastly, here’s a complete walkthrough on getting started!
Bonus: Two-Factor Authentication
If you want to be a paranoid/power user and keep your LastPass account even safer, you can use multi-factor authentication (sometimes called two-factor authentication). LastPass can send an SMS message with a code to your phone when you log in, and you’ll have to enter that code along with your username and password. The code changes each time you log in to LastPass. You can also use an app installed on your phone or tablet that generates a 6-digit number that changes every 30 seconds. Even if someone knows your password or sees you type it in, they won’t be able to log in without the code. LastPass remembers your login, so you do not have to use two-factor authentication each time you want to log in to a website you have stored in LastPass. You don’t have to enable two-factor authentication to use LastPass, but it adds another layer of security.