Today is World Password Day and what better reason than to spread the work of changing your password processes.
So many people have the same password for every service they use. Imagine having the same password for your Netflix account, that the whole family uses, and for your banking. Now imagine what happens if the kids happen to share that password with their friends because they want to watch the latest episode of Tiger King. Now not only your whole family has the password to your financial world but their friends do too.
This is how it works in the world of online hackers. Through clever means of social manipulation the bad guys find out your password to some service, like Netflix or worse, your email account. Now in the scenario where your email account password is compromised the bad guys can click that link on the login page of most online services – forgotten password. A new password gets sent to your email address right! The bad guys have now got your new password.
Using these methods people have their whole online identities slowly taken over.
What is the answer?
Have a different password to every single service that you use online. And not a password like ‘password123’. A strong password that looks something like ‘7Y65^%,sd9)’. That’s a much harder password to crack using a brute force dictionary attack than ‘password123’. Having a separate password for every service too means that if a company has a data breach and passwords are exposed or stolen, then it means that you only need to change the password to that one site and not every single service you use.
Enter Password Managers and life becomes much easier.
Remembering a password like ‘7Y65^%,sd9)’ for every single site isn’t easy though and that is what has lead to many users having the same password for every service.
I use and recommend Lastpass as a password manager. But there are any number of good and secure services available. Some of these include Lastpass, 1Password, Keypass, and Dashlane. Most of these services have a free tier which will get you started and then usually for a small amount of money either monthly or on an annual basis additional services or features are enabled.
With most password managers you set a Master password which is strong and secure. It is recommended to use a phrase for this master password instead of a word or letters and numbers. You could still add letters and numbers to your master pass phrase but just be sure to remember it as this is the key used to encrypt the database of usernames and passwords you are creating. Forget the master password and everything is gone.
As you sign up for a new service, with the use of a browser plugin, you are able to generate a new secure and strong password, plus automatically add it to your password manager’s database. When you return to the site or service in future all you need to remember is your master password / pass phrase and the unique password will be auto filled into the login box. Just like magic.
So given that it is World Password Day, go out and change those old passwords to something more secure but even better pick a password manager and improve your password management game!