If there is any silver lining to all the recent data breaches from sites like Yahoo and LinkedIn, it is that they keep personal cyber-security in the spotlight and show us that we still have a ways to go. While we can’t prevent breaches from occurring on the sites we use and love, we can greatly reduce the impact these breaches can have on us. Here are two weak links you can easily eliminate to strengthen your personal cyber-security:
1. Weak passwords
Analysis of stolen data reveals that too many of us still rely on very simple passwords. It’s not surprising that most people don’t want more complexity in their lives — we are already dealing with larger volumes of information than our ancestor ever had to manage. So, it’s little surprise that passwords like password, 123456, qwerty, and names of sports teams and superheroes continue to dominate the leaked lists. Simple passwords like these and any other “dictionary” passwords do not stand a chance against password-cracking software. Such software makes it easy for someone to break into your account with just an email address.
2. Reused passwords
Another significant risk is using the same password on multiple websites. In this case it does not really matter how strong your password is. Having your account information stolen even once opens you to further attacks across dozens of other sites you might be using. In what’s known as credentials stuffing attacks, hackers will plug your stolen credentials into hundreds of popular email, banking, utilities and social media websites. This means that if you, for example, used your Yahoo login on your banking site, chances are your banking account has also been compromised, but you may not know until it’s too late.
How a password manager helps
Most of us manage dozens of personal and work-related accounts. If you are still using sticky notes or spreadsheets to manage your passwords, it’s time for an upgrade. A password manager application make it easy to create, manage, and use strong passwords.
One of the core features of a password manager application is the ability to create very strong random passwords. In the example below, we are using Password Safe to create a new password for an account. Simply clicking the Generate button creates a unique strong password. If necessary, the default settings can be adjusted to specify the desired password length and the characters to include or exclude.
Once inside the password manager database, your data is encrypted, and you need to remember only one password to access it. Don’t want to have to remember even a single password? Some password managers offer other methods of authentication like facial recognition and biometric (fingerprint) login.
Not surprisingly, password managers also make it easy to manage passwords. You can organize them into meaningful groups (Work, Personal, Banking, etc). You can also search, backup and restore your password database, and change password creation policies. Some of the applications also offer extra features like password audits and even alert you when you might have been affected by a breach.
Which password manager is right for me?
There are quite a few excellent free and commercial applications available. You may even already have a password manager application included if you use a security suite like Norton or TrendMicro.
If you want a simple, straight-forward password manager with great security and minimal bells and whistles, you may want to give Password Safe a try. It is available free for Windows and Android, and also via premium apps for Mac OSX and iOS.
However, if you want a more comprehensive password management platform that makes it easy to share passwords across all your devices and offers advanced features like multi-factor authentication, then LastPass premium may be the right option for you.
Don’t put your personal data at risk any longer — find the password manager that fits your needs, and start using it.
Comment on this article