Most people know that passwords are necessary, but as you work more online they become extremely cumbersome. You’re told that you shouldn’t use the same password across multiple platforms. You’re told that you need to use long, complex passwords. What happens when you have dozens of long, complex passwords? Chances are you eventually forget them, and this is when they become difficult to manage.
You might wonder why long, complex passwords are required. You might even wonder why many online sites and even your employer have strict password rules including a requirement to change the password every few weeks. Usually, a corporate office is much more strict with passwords than an online store. This is because you have access to sensitive corporate data on your corporate account rather than your standard online store account.
There are several ways an attacker can get your password, and each rule that demands a certain length and complexity exists for a reason. Complexity limits what are called “brute force” attacks. A brute force attack happens when an attacker tries to guess your password by submitting every possible combination of characters. Computers are much faster than people, so thousands of passwords can be attempted every minute. This is why most sites limit the number of wrong passwords that can be entered before your account is locked. It’s also why complex passwords are required: it takes longer to guess the right password.
The advice to use a different password for each account guards against phishing and against an attacker guessing the password to one of your other accounts. If you have the same password across multiple accounts, you run the risk of having many of your other accounts hacked. The attacker will usually use phishing in an effort to get your account password and email. Since email is used for many accounts, he can then log in to your other accounts and now you have multiple compromised accounts.
To wrap it up, you want to use different passwords for each account, and keep the password to at least 8 characters with upper and lowercase alphanumeric characters and at least one special character.
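The rules above can be checked mechanically. The following Python sketch is an added example, not code from any of the password organizers discussed here: it validates a password against the stated rules, generates a compliant one from the operating system's secure random source, flags reuse across accounts, and estimates the worst-case time to try every password of a given length. The special-character set, the reading of “alphanumeric” as requiring a digit, the function names and the sample vault are all assumptions made for illustration.

```python
import secrets
import string

SPECIALS = "!@#$%^&*()-_=+[]{};:,.?"   # assumed set of special characters
ALPHABET = string.ascii_letters + string.digits + SPECIALS
MIN_LENGTH = 8                          # minimum length from the article


def policy_failures(password):
    """Return the article's rules that this password breaks (empty list = OK)."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("shorter than 8 characters")
    if not any(c.islower() for c in password):
        failures.append("no lowercase letter")
    if not any(c.isupper() for c in password):
        failures.append("no uppercase letter")
    if not any(c.isdigit() for c in password):   # assumption: "alphanumeric" needs a digit
        failures.append("no digit")
    if not any(c in SPECIALS for c in password):
        failures.append("no special character")
    return failures


def generate_password(length=16):
    """Draw from the OS CSPRNG until the candidate satisfies every rule."""
    if length < MIN_LENGTH:
        raise ValueError("length is below the 8-character minimum")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not policy_failures(candidate):
            return candidate


def reused_passwords(vault):
    """Map each password that protects more than one account to those accounts."""
    accounts_by_password = {}
    for account, password in vault.items():
        accounts_by_password.setdefault(password, []).append(account)
    return {p: a for p, a in accounts_by_password.items() if len(a) > 1}


def worst_case_days(length, guesses_per_minute):
    """Days needed to try every password of this length at a fixed guess rate."""
    return len(ALPHABET) ** length / guesses_per_minute / (60 * 24)


if __name__ == "__main__":
    # Constructed sample vault: two accounts share one password.
    vault = {"shop": "Summer2015!", "mail": "Summer2015!", "bank": generate_password()}
    print(reused_passwords(vault))
    print(policy_failures("password"), round(worst_case_days(8, 5000)))
```

Each extra character multiplies the worst-case search time by the size of the alphabet, which is why length matters as much as the mix of character types.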
Too Many Passwords Gets Hard to Organize
With password basics in mind, you can imagine what it’s like if you have numerous accounts online. You could have dozens of passwords, so how do you remember them?
Luckily, several developers have created password organizers. These organizers allow you to set up a folder or database of passwords. Your organizer account has its own password, so you still need to remember one of your passwords, but you only need to remember this one password and the others are listed in your organizer. You can set and update your passwords at will, so you just keep a list of new and edited passwords that you can later retrieve should you forget them.
Here are some password organizers that can help you keep your complex passwords without worrying about forgetting them.
LastPass is one of the most common ones on the market. LastPass not only stores your passwords, but it also automatically fills in your passwords on the specific sites that you browse. This saves you time so you don’t have to perform a lookup every time you want to log in to a website.
LastPass also creates secure passwords for you, so that you don’t need to create one yourself. It works with Firefox and Chrome and it works with your mobile device including Android and iOS.
One note about LastPass, however: it was hacked a couple of years ago and had a breach of data in 2015. This is one problem with cloud password lockers, but it’s still more secure than using the same password across multiple sites.
Dashlane is another password locker that can be used across browsers and on your mobile device. This application lets you install it on multiple devices, but you must pay $3 each month to synchronize your accounts across multiple devices.
Dashlane takes password lockers to a new level and also lets you store personal financial information on your devices such as your bank and credit card account information.
One thing that distinguishes KeePassX from the others is that it’s an open source application, and it’s generally recommended by most security professionals. When an application is open source, anyone can review the code and identify security issues. You can also identify if the owner of the software has installed any backdoors.
The downside of this software is that it’s a bit more difficult to use. If you’re not familiar with password lockers, this one has a bigger learning curve than the others.
Sticky Password is the last on our list, but it’s also worth mentioning because it has a biometrics option. Biometrics is the latest in password security. Instead of relying on a user remembering a password, which can be hacked, biometrics relies on something genetically unique about the user. Biometrics include fingerprints, retinal scan or even voice activation. Fingerprinting is the most popular.
It works similarly to the way the others work, but you must pay to have your browser or mobile device sync to the cloud. However, by syncing to the cloud you save yourself in case your computer or mobile crashes and you lose your data.
These are just a few password lockers to organize your data, and they can make it much easier to store multiple passwords to avoid having any of your accounts compromised. You can even store your current passwords in a locker and then change them later. Just remember to always use unique passwords, create ones that are at least 8 characters, and use upper and lowercase alphanumeric characters with at least one special character.