How many passwords do you have?
If you’re like most people, those passwords are in a notebook or file folder somewhere in your house and you dread opening it up each time you need to log-in to something.
We at Cow and Sky are all about fixing your technology frustrations. And what’s more frustrating than managing all of those passwords? We think it’s up there between paying taxes and having non-elective surgery.
It wasn’t always this way. You probably started with a single sheet of paper and a neat list of a 10 or so passwords to a few important websites. But as you used the internet more and more, everything seemed to need another login and password. Not only that, but websites often ask you to change your password (every few weeks, it seems) and so you scribble out the old one and write the new one next to it.
Soon that simple sheet of paper is 18 pages long and your handwriting has had to get smaller and smaller to cram more and more passwords on to each page. “There has to be a better way!” you ask yourself like a late night infomercial.
And there is!
A better password solution
Instead of using paper, you can use a password manager. A password manager is a like a digital version of that piece of paper, but one that is more secure and much, much easier to manage.
With a password manager, you only need to remember one password! The password manager will remember all of the other ones for you. Not only that, but a good password manager will tell you when your password is too weak or you’ve re-used your passwords. It’ll even remind you to change your passwords at regular intervals.
All without you having to dig through a pile of ratty paper.
A password manager is both safer and easier than using paper.
There are several different password managers out there: Dashlane, 1Password and keepass. But my favorite is Lastpass (Note: I do not receive any compensation for promoting any of these services – I’m just a fan!).
I like Lastpass because it’s easy to use and best of all: it’s free! And we’re all about free here.
Lastpass will automatically store all of your login and password details, tell you when your passwords are weak, and help you find stronger ones to use. It’ll even warn you when you’ve used the same password for multiple sites and remind you to change them.
Lastpass works on your mobile phone and desktop web browser and syncs all of your passwords between them. So if you need to log in to your bank from mobile, Lastpass can do it. If you need to get to Hulu on your computer, Lastpass will remember your login data. It’s very easy.
Lastpass and many others use an encrypted online database to sync your data between all of your different devices. Your passwords are always with you, yet always secure.
Now, I know what you’re thinking: “All of my passwords would be online!?!? How can storing my passwords online be safer than storing them in my desk? No one will ever find my secret password notebook!”
The problem is that hackers don’t need access to that notebook to get into your accounts.
Thieves have gotten smarter
The two most common ways that thieves can steal your digital information are:
- They can “hack” your account by guessing your password
- They can break into a computer system and steal everyone’s passwords and then using that information to hack into your other accounts.
Let’s look at these two hacks.
If you’ve used any “simple” passwords it’s trivially easy to run a computer program and hack it. Here’s an example of a simple password: cary45. It would take a modern computer about 3 minutes to guess that password. A hacker can run a program which tries every combination of letters and numbers until it gets a successful log-in. Even a more difficult password like c@Ry45 would only take 13 minutes. This is called a “brute-force” attack and it happens all the time.
The second hack happens when someone gains access to a computer system and steals all stored passwords. You’ve probably heard about this in the news. For example, Yahoo was hacked and everyone’s log-in data was stolen – all 3 billion users! Once the bad guys have all those passwords, they use them to try to log into every other online service: your bank, your broker, your Facebook account. If the password you used for one website was stolen, it’s possible that the hacker will use that same password to try to gain access to other online websites.
Knowing this, there are two things you must do to keep your passwords safe:
- Have a strong password. One that is both long and uses lots of different character types.
- Don’t re-use any of your passwords.
At this point, your sheet of paper with all those passwords is probably looking pretty vulnerable. A password manager will help you fix that.
It’s true that Lastpass, Dashlane, 1Password and all of the other password managers are attractive targets for hackers. Just like banks are attractive to thieves because they hold money, password managers are attractive to hackers because they hold sensitive data. As such, they are constantly under attack.
But just like banks spend considerably to ensure their security, so do the online password managers. Lastpass and many of the other password programs use AES 256bit encryption to encrypt your passwords. Even if hackers stole your data from the online database, it would be useless to them because it would take 50 supercomputers 3×1051 years (that’s 3 with 51 zeros after it!) to crack the encryption. Each service has strict systems in place to prevent employees from gaining access to your information. They know that their business depends on trust and they work to ensure they keep it.
Of course, it’s always possible that your password manager could get hacked, but it’s much less likely that your sensitive info will be stolen from a password manager than from using weak and repeated passwords. For that reason, we still recommend using a password manager.
And if you’re uncomfortable giving your passwords to an online service, there are still good digital options. KeePass, for example, is completely off-line. It works on your computer and your phones, but doesn’t sync anything automatically. It does many of the same things as Lastpass or the other password managers (such as automatically generating strong passwords and querying the database for repeats). It works very well at the cost of losing some convenience.
How to convert to a digital password manager
Once you’ve gone through the initial setup, the hardest part of using a new password manager is loading up all of your passwords. You might have over 100 different passwords and it would take a long time to retype all of that into your new password manager.
My suggestion would be to not do it all at once. Install Lastpass and use it for a few months. As you log into various websites, Lastpass will automatically ask to save your user names and passwords into its database each time you login to a new site. Soon, much of your information will be in the Lastpass database and it won’t take much time at all to enter the few remaining passwords you haven’t used in a while.
Then, let Lastpass run a security challenge on your database. You’ll soon realize just how many bad passwords you have. Luckily, the program will help you log into those various websites and change your passwords for you.
And if you’re still uncomfortable using a digital password manager, you must make sure your passwords are strong and unique for every log-in. So that one day your password list will look less like this:
And more like this:
If you would like us to help you set this up, we can install a password manager for you and show you how to use it. If wanted, we can even input all of your current passwords, securely and privately, so you’ll be all set up and ready to go.
Just contact us at any time.