What To Do About Your Passwords

For the past few years, every big website seems to have fallen victim to some pretty significant security breaches, losing tens of thousands, hundreds of thousands and even millions of user logins, passwords and other stored user data.

On its own, a breach at some of those websites might not have posed much threat to our own personal security, but the reality is that with password requirements becoming more and more complex, people are using fewer different passwords to log in to their accounts. The password you use for a personal login on a fansite may be the same one you use for Google, Facebook or PayPal, because it’s easier to use the complex password we already know than to create and memorise another one.

One of my solutions to this would be to still only have a few passwords I use, but to change or add a word in there that I would remember when visiting each site and logging in. This was still very insecure, since I was reusing the same password with only minimal changes, and the word I would add or change would relate directly to that site, so it would have been easy to guess if someone already had the rest of my password.

One solution is to allow our browsers to remember our passwords, as I’m sure many of my readers do. I also used to do this, but this was when I was using Firefox, and when I transferred over to using Chrome I was a little unhappy that I would need to transfer my login data across. It felt inconvenient and a bit of a security risk to be trusting my passwords to each browser alone; I needed something that would remember my passwords no matter what browser or software I was using.

I read about KeePass, a piece of software that remembers passwords with very tight security controls available, and gave it a try.

 

There was a fair bit of manual setup, but I enjoyed that, and soon I was able to start using the complex passwords that KeePass would generate for all my logins, while only having to remember one master password to access KeePass.

The option I went with, that I really liked, was to have a ‘key file’ stored on a USB that was required to be plugged in to access my passwords. This meant that not only were my passwords secure on my computer but they were also physically secure once I unplugged the USB.

I kept the USB plugged into my laptop most of the time, until the unfortunate day when I knocked the protruding USB stick and smashed it!

It continued working for some time after that, but eventually failed, and then I had to admit that I’d been foolish to use a setup that I wouldn’t be responsible enough to take care of.

I gave up using KeePass as it wasn’t super friendly to set up and I’d burned myself with that USB key thing, and instead I switched a little cautiously over to LastPass, an online password manager.

I was a little dubious about using an online service to remember my passwords, but having done some research about the security of the service I decided it was worth a shot. It had the same features to generate secure passwords based on the criteria I gave it (length, special characters, etc.) and it also integrates with the browser so that when you visit a site with a password field, it populates the username and password fields with icons that allow you to generate a password or select your login from a list, auto-populating the fields if you already have a login and have enabled the setting.

Using LastPass was one of the smartest productivity hacks I used back then and still pays off every day that I use it. Since I first signed up to LastPass I’ve switched computers a couple of times, switched jobs twice, changed browsers many, many times and every time I just visit the LastPass website or install their browser extensions to get instant access to all my passwords. I’ve even got my wife on board now and we have a folder with shared family passwords for things like Netflix and Amazon.

I’ve been a happy user of LastPass password manager for over 3 years and signed up for the pro account so that it can auto-fill passwords on my phone too. The phone app also allows fingerprint recognition as a login feature, and recognises login screens in most apps on Android and iPhone.

I should have written a post about LastPass sooner, but because it has become so integrated into my computer usage, I don’t even notice it’s there anymore! If you’re still using a few simple passwords across multiple sites, or letting your browser or Apple account memorise them all for you, then I would encourage you to switch to a password manager like LastPass or one of its alternatives. It’s one of the smartest (and easiest) productivity hacks I’ve found.
