Posts

Choosing a Password Manager

I give up. I am drowning in an ocean of passwords and it’s time to save myself.

It’s time for me to decide on a password manager program and burn my pages upon pages of passwords.

A password manager is an app for your computer and mobile devices that securely stores your passwords so you don’t have to remember them. Actually, it’s a misnomer to call it a password manager. It’s also a username manager. Not because it can change or create more secure usernames, but because it remembers them also.

The best password managers also generate long and strong passwords for you, will alert you if  a website has been hacked and automatically change a hacked password. In addition, password managers can auto-fill address and payments forms, keep your passwords synchronized among all of your devices and allow you to securely share a password with a co-worker or family member.

Password managers have been around for years, but I have been primarily skeptical about storing my financial logins “out there somewhere.” So, I devised a system for creating mostly unique passwords that contained a variety of characters and no words. And that system still works really well for me, but the reality is that a) the increased sophistication of cyber attacks requires ever longer passwords, and b) I’m tired of creating, entering and remembering longer passwords.

It’s time to choose from among the best and most secure password managers. In a recent article by lifehacker.com, the most popular password managers are LastPass (lastpass.com), 1Password (1password.com) and Dashlane (dashlane.com). All of them securely store passwords, sync between my devices, generate strong, unique passwords and auto-fill online forms.

Originally, I was going to test each of these three services and share my opinions with you. But that has already been done so many times by very reputable websites that I don’t need to reinvent that wheel.

Instead, I’m going to tell you why I’m just going to go with LastPass. Price.

The capabilities of LastPass, 1Password and Dashlane are essentially the same. Some have easier to understand apps, but none are difficult to use. 1Password is a one-time purchase of $50. Dashlane is free to use on one device and then $40/year to use and sync on multiple devices. LastPass is free to use on a computer and $12/year to use and sync with your mobile devices.

So, why not go with 1Password which ends up costing less than LastPass beginning in the 5th year at $12/year? Because technology is going to change from typed passwords to something more unique. Whether it’s a fingerprint, retina scan or hardware token. Cyber security is a big industry and I expect to see something better than passwords sooner rather than later.

*** Update – last week LastPass reported that it suspected a security breach and asked all users to change their LastPass master password. Nothing is 100% secure, and I still have confidence in LastPass and I really need a password manager. Therefore, I still recommend and use LastPass.

WARNING: You need to change some passwords this weekend. You really do!

I do not like “house-cleaning” tasks on my computer, but unfortunately, we all need to change some passwords ASAP.

You may or may not have heard about it, but there was a pretty big security bug discovered on the Internet this week. It’s called the Heartbleed bug and not every Internet company was vulnerable to it, but you may have received some emails advising you to change your password on some websites.

Mashable.com has put together a list of some of the major websites we all use and whether or not we need to change our passwords on them.

THIS IS IMPORTANT! You need to click here to check which websites on this list you need to go to and change your password.

The Mashable article also advises “… if you reused the same password on multiple sites, and one of those sites was vulnerable, you’ll need to change the password everywhere. It’s not a good idea to use the same password across multiple sites, anyway.”

Changing passwords can make you crazy if you don’t have a system for creating strong passwords and a way to remember them. The safest and strongest passwords have at least 12 characters that include letters, numbers and special characters.

You may think that sounds impossible to remember, but it’s not if you choose one method for password creation and systematically use it for all your passwords. Here is a method for creating strong and unique passwords.

The acronym password

  1. Think of a nine or ten word phrase that you can remember that’s meaningful to you and write down the first letter of each word in the phrase:
    My favorite flavor of ice cream is mint chocolate chipmffoicimcc
    I love to go to the beach at Pawley’s Islandiltgttbapi
    I eat cereal toast and coffee every morning for breakfastiectacemfb
  2. Now take your chosen acronym and add a number to the beginning.
    1iltgttbapi
  3. For the site where you are assigning this password, add a capital letter at the end of the acronym that is the first letter of that site. For instance, Facebook would be F, Gmail would be G, Evernote would be E, etc.
    1iltgttbapiF
  4. Finally, add a special character at the end.
    1iltgttbapiF!

Now, instead of having to remember this jumble of characters, you can remember your own formula. Use the same number at the beginning, the same acronym and the same special character at the end for all your passwords. What will change is the capital letter representing a particular website.

My number + the first letters of my phrase + capital letter of website for this password + my special character = strong password

There is so much more to be done to feel at ease about your passwords.

  • Where do you save a list of them securely?
  • If you were far from home and forgot a password how could you find it?
  • If something happened to you, would your family members be able to find your passwords to access important financial accounts?

It’s becoming such a problem for many people, I’m going to work on creating a quick and easy self-paced video class to help those of you who never want to forget a password again and keep them as safe as possible. If you’re not a subscriber to my email updates and want to be notified when the class is ready, be sure to subscribe in the upper right sidebar.

Here’s the most important tip. Please take some time this weekend and change your passwords!