It really has to be said with the growth of the internet and “cloud technology” has left us with an increasing number of passwords and trying to choose and remember good ones can be a total nightmare. The chances are that you have an account on Facebook, Twitter, LinkedIn or any of an increasing range of online retailers, such as Amazon or Play, and they all require passwords. This can very quickly add up to a very long list. In the past week alone, I have logged into at least 40 different websites.
So makes a good passwords?
Well a good place to start is to review a few of the do’s and don’ts and we will take it from there
What you shouldn’t do
Do not base your password on your name, age, address, date of birth or any other “easily” obtainable information.
Don’t use a phone number or set of sequential numbers i.e. “123456”
Don’t use all one case for your password
Do not write it down for reference
Don’t use one password on every site – I know I can be guilty of this one!
What you should be doing
Do mix upper and lowercase characters
Do include non-alphanumeric characters i.e. !@£$%
Where possible, do use a random password generator
Use a different password for each site you need one
So where, I hear you ask, does that leave us? Well a good start would be a short sentence or meaningful phrase and then do one or more of the following:-
Remove repeating characters
Replace certain characters with numbers or symbols i.e. replace “3” with “E” or an “i” with “!” In most cases this should give you a reasonably complex password, however there are some tools available that can make your life a lot easier. I just want to look more closely at one of those, as it is something I use and have found very useful.
LastPass to the rescue
LastPass is a free tool that can be used on all your computers. Because it is cloud-based it can be installed on multiple computers and will synchronise each machine with the master copy which is held online. There is also a premium version, costing $12 a year, that allows you in integrate the product with your smart phone.
In a nutshell LastPass creates a database (called a vault) of usernames and passwords and encrypts them all with a “master” password. As you sign into an existing site, it will notice you doing so and offer to save the credentials, much like many browsers do. The next time you visit the site it will automatically populate the username and password field, and if set to do so, click the “login” button for you. In many cases this means you may not even see the login page. Furthermore, it will also detect when you are “signing up” to a website and offer to generate (and store) a new password for the given site. You can also provide it with other data such as name/address/email address etc. and it will store and offer to auto-complete the sign-up forms, when it detects them.
It also has the following extra advantages:-
Integrate with multiple browser on the same, or different machines, meaning you now only need to remember the master password to stay secure
You can also login to your password vault via the LastPass website and access your sites securely this is useful when you are using a machine that is not yours, i.e. friends computer, internet cafe etc.
You can also store extra information in the form of a note, and attached to a specific website i.e. you can store you bank account number with your banks login details.
This is not only a huge time-saver but also provides a better level of security than you could hope to come up with, when using your own passwords. It is also secure, as long as you choose a strong master password. Should you forget this password they can reset it for you, but it will wipe out your database of passwords, this ensures that any would-be hacker cannot simply have your password changed and gain access to all your sites.
Should you wish to know more about the features of LastPass then why visit their website or watch one of the many excellent screencasts that explain the features in more depth.