With all of the news on hacking attacks and identity theft, it is important to take steps ourselves to protect our data and our systems. Three areas that we control are our passwords, our networks, and our devices. The following is an overview of password hygiene and the role that password managers can play. Further posts will cover network and device security.
Having “strong” passwords is the single best thing that any of us can do to protect our identity and confidential information. Unfortunately, setting up and maintaining different passwords across all of our websites, banking systems, email accounts, and commerce sites is extremely challenging. As a result, most of us repeat passwords, don’t change them on a regular basis, and use simple phrases that can easily be cracked.
The good news is that there is an easy and inexpensive solution to the password challenge. Password managers are programs / utilities / apps that automate the entire process of generating, capturing, and using passwords on computers, tablets, and smart phones. Password managers are not only easy to set up and use, they can save lots of time once they are in place. The concept is simple – install the program on your device and set a master password that will be used to secure all of your other passwords. As you access accounts and sites on your device, the password manager will give you the option of saving the user and password for each login. If you are logging into an application or site for the first time, the password manager will offer to generate a secure password for you and store it away for future use. Generated passwords are randomly generated sequences that are the most difficult to crack and therefore more secure. Once a password is saved, it is automatically pre-filled along with the associated username each time you enter the application or website.
In addition to passwords, many of the password managers will store your name, address, phone numbers, email address, and even credit card information. This information can then be used to quickly fill in forms which saves time and eliminates entry errors. All of your passwords and personal information is encrypted for safety and can’t be accessed by anyone (including the government) without your master password.
So, which password manager is the best? It depends on a several factors including whether you access applications and the web from multiple devices, whether you are all Apple or have a mix of Apple, Microsoft, and Android devices. I will try to outline your choices starting with the simplest (and cheapest) options.
Scenario 1 – All Apple, All of The Time, and Free
Apple provides Keychain as the password manager option on the Mac, iPad, and iPhones (Mac OS and iOS). It is free to use and synchronizes passwords across all of your Apple devices utilizing your common iCloud account, but it only really works at this point on the Safari browser. It will not work if you use Chrome and it won’t work for most sign-ons to apps on the iPhone and iPad. These limitations mean that keychain is not viable for most of us.
Scenario 2 – Single Device and Free
If you only use a single device for your online banking, shopping, medical sites, tax programs and so on, then there are several free password managers including LastPass and 1Password that can work for you and won’t cost a penny. They are easy to install and work equally well across Apple, Microsoft, and Android platforms.
Scenario 3 – The Rest of Us
Most of us use a desktop or laptop computer, our tablets and our smartphones interchangeably throughout the day. This complicates the job of a password manager and means that usernames and passwords must be securely synchronized and managed across multiple devices and platforms. Fortunately, there are several password managers that handle this task seamlessly, but the synchronization comes at a cost. LastPass Premium currently charges a whopping $12 for an annual subscription and Dashlane will set you back $39 for an annual subscription. (Dashlane’s pricing reflects a feature set that addresses business users as well as consumer requirements.)
Consider where you need access to a password manager and do a little homework. PC Magazine has reviews on the top free and paid password managers. Pick one and try it. Even the paid ones have free trials. Just remember that you need to remember your master password! Be safe.