Passwords: The First Step to Safety

Most people don't put a lot of thought into creating a password. It's usually easiest just to create a short, easy-to-remember password, or even just to use the same password for every account you have. After all, the average person probably won't be able to guess your password. However, hackers often use password-cracking software that can keep testing many different passwords until they find the correct one, and they can easily crack weak passwords. By creating strong passwords, you can greatly reduce the chance that your personal or financial information will be stolen.

"Complete awareness cannot happen when there are clutches in the mind."

Common Password Mistakes

Many people create passwords based on their spouse's name, a hobby, or a simple pattern, since those types of passwords are easy to remember. Unfortunately, they are also very easy for hackers to guess. To create a strong password, you will need to avoid these types of common mistakes. It seems like every other day there is a new social website or service that you have to sign up for and start a new account. While this can be great, it is hard to keep track of all your different passwords.

The simple solution for this problem is to just have one password for everything. However, this leads to an incredibly large security risk. It's unreasonable to expect any person to remember complex passwords, so the best solution is to get a password manager.

What is a Password Manager?

Password managers are services that allow you to securely save all your passwords and keep them safe using one master password. While having a master password may seem like it defeats the purpose of having multiple passwords, think about it this way: if your Facebook account gets hacked and you have one password for everything, you will have to change your password for everything.

However, if your Facebook password is compromised and you have a different password for all of your other sites, you just have to change that one password. It's easy to change your master password frequently to keep it safe rather than changing all of your passwords on a regular basis. Before discussing too much about password managers, it's important to mention the basics of password security.

As computers improve and get more powerful, so does the ability of people to use them to crack your password. This means that having a strong and secure password is more important than ever. The general rule of thumb is to have a password that is at least 9 characters long and includes an uppercase letter, a number and a symbol. Alternatively, a local client will keep all of your passwords saved on your own machine, but you are stuck with using only the clients that the company produces, making your passwords less accessible. Even if the company goes away, you will still have the application and will be able to get your passwords out. In most cases, I prefer using a local client as it gives you more control over your passwords and a bit more flexibility.

Getting Started with Your Password Manager

The first big decision you will need to make with a password manager is choosing your master password. This master password controls access to your entire password manager database, so you should make it particularly strong – it's the only password you'll need to remember, after all. You may want to write down the password and store it somewhere safe after choosing it, just in case – for example, if you're really serious, you could store your master password in a vault at the bank.

You can change this password later, but only if you remember it – if you lose your master password, you won't be able to view your saved passwords.

This is essential, as it ensures no one else can view your secure password database without the master password.

After installing a password manager, you will likely want to start changing your website passwords to more secure ones. LastPass offers the LastPass Security Challenge, which identifies the weak and duplicate passwords you should focus on changing.

Password Managers to Use

A variety of password managers are available, but two stand out as the best options. Each is a solid option, and which you prefer will depend on what's more important to you:

  • LastPass: It's a cloud-based password manager with extensions, mobile apps, and even desktop apps for all the browsers and operating systems you could want.

  • KeePass: LastPass isn't for everyone. Some people just aren't comfortable with a cloud-based password manager, and that's fine. KeePass is a popular desktop application for managing your passwords, but there are also browser extensions and mobile apps for KeePass. KeePass stores your passwords on your computer so you remain in control of them. It's even open-source, so you could audit its code if you wanted to.

In addition to that, I also suggest that you don't use any words that could easily be found in the dictionary.

I suggest this because many computerized "brute force" attacks will simply have a dictionary of common words and common tricks with words (capitalizing proper nouns and replacing "e" with "3" for example) and just cycle through them until they get the right one.
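The weakness described above, shown as an added example (not code from the original article): a Python check that tests a password against the rule of thumb of 9 or more characters with an uppercase letter, a number and a symbol, then undoes capitalization, "3"-for-"e" style substitutions and trailing padding before looking the result up in a word list. The word list and substitution table are constructed for illustration and are assumptions.

```python
from typing import Optional

# Constructed sample word list (assumption): a real check would load a large
# dictionary plus lists of passwords known from breaches.
COMMON_WORDS = {"password", "dragon", "monkey", "welcome", "football", "sunshine"}

# Substitutions of the kind the article mentions ("e" -> "3"), reversed.
LEET_MAP = str.maketrans({"3": "e", "0": "o", "1": "l", "@": "a",
                          "$": "s", "4": "a", "5": "s", "7": "t", "!": "i"})


def meets_rule_of_thumb(pw: str) -> bool:
    """9+ characters with an uppercase letter, a number and a symbol."""
    return (len(pw) >= 9
            and any(c.isupper() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(not c.isalnum() for c in pw))


def dictionary_core(pw: str) -> Optional[str]:
    """Return the dictionary word hiding behind common tricks, if any."""
    candidates = [pw.lower()]  # undo capitalization
    # Peel trailing digits/symbols one at a time ("1!", "2024", ...).
    while candidates[-1] and not candidates[-1][-1].isalpha():
        candidates.append(candidates[-1][:-1])
    for candidate in candidates:
        word = candidate.translate(LEET_MAP)  # undo substitutions
        if word in COMMON_WORDS:
            return word
    return None


def assess(pw: str) -> str:
    core = dictionary_core(pw)
    if core:
        return f"weak: dictionary word '{core}' with common tricks"
    if not meets_rule_of_thumb(pw):
        return "weak: fails length/character rule of thumb"
    return "ok"


if __name__ == "__main__":
    # Constructed sample passwords.
    for sample in ["P@ssw0rd1!", "Sunshin3!", "correcthorse", "kT7#vq9!Lm2x"]:
        print(f"{sample:14} rule_of_thumb={meets_rule_of_thumb(sample)!s:5} {assess(sample)}")
```

The first two samples satisfy the length and character rule yet are still flagged, which is why composition rules alone do not make a password strong.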

Choosing Your Password Manager

Picking which service you would like to use can be tricky, as there are a lot of options out there. There are many free as well as paid services, so do your research carefully before deciding which one you want to use. Check which platforms the software is available on and make sure it works with what you use.

If you only use Apple products, make sure there is an OS X and iOS app available. If you're like me, and find yourself using multiple platforms within a day, make sure you use a service that is available on multiple platforms.

There are different types of clients out there, primarily online and local.

An online client lives mostly in the browser, where you store your passwords online. With an online service you will have access to your passwords no matter where you are.

The biggest downside of choosing an online service is that you are completely reliant on the company, and if they go out of business, you are out of luck.

So it is highly recommended that you make an offline backup of your passwords periodically and keep it in a safe place.