Why do I need unique passwords?
There have been many companies who have fallen victim to hackers recently. The information that was stolen from them was YOUR information. If you maintained an account on HomeDepot.com before it was hacked, and you use the same password on your email account or your banking site then it makes you a target for attacks on those sites as well. The hackers are smart enough to try variations on your password too. So making it just a little different doesn't help.
Why do I need a complex password?
When hackers steal data from a company, the passwords are encrypted. The shorter and less complex passwords are figured out first (often in a matter of seconds.) The longer, more complex passwords can take weeks to decipher. So by having a complex password you buy yourself time to change your password before you are vulnerable to attack.
What do you mean by complex?
I recommend the longest possible password you can use. Some sites have limits on password length, but many do not. I typically use at least a 20 character password. My passwords are completely random from upper case, lower case, numeric and special characters. Something like: %dTr*fWs19a@bLkm7^s6 That is impossible to remember. Also, if you are going to have a unique password like that on every site you use, you're going to need some help.
What is a password manager?
A password manager creates and stores your passwords for you. It can fill in your login information for you and maintain a unique password on every site you use. Some have more advanced features which we will cover in more depth in a subsequent article.
How does it work?
Different password managers work in different ways, but basically they store your login information in an encrypted file. They may offer a way to synchronize the information between multiple computers and mobile devices. Typically a password manager is installed on a PC or Mac as a browser extension. Most work across different platforms, like Mac and PC even iOS and Android. When you go to login, you activate your password manager and it will log in for you.
How do I get started?
Prime Insight has been using LastPass for several years now and it is the password manager we are most familiar with. There are others, but this will feature LastPass from here on out. Go to http://www.lastpass.com and download and install the software.
Once you have it installed it will prompt you to save your password when you visit a new site that has you login. We recommend you save your current passwords with LastPass for a week or two. Make sure to visit every site you can remember having an account on. Once you have a number of accounts logged with LastPass comes the fun part!
LastPass has a feature called "Security Check." Once you have a number of sites logged with LastPass, select the Security Check from the drop down menu in the LastPass tool. It will analyze your passwords for strength and uniqueness. From there you'll have some decisions to make.
I personally did not follow these recommendations for a long time. I used simple passwords, and I reused the same password on many sites. I figured there were so many more people out there that I would just get lost in the crowd and be safe. But when I saw the results of the Security Check it served as a wake-up call for me. I began changing my passwords on every site, and now I do adhere to the idea of a very long, complex and unique password on every site.
I would start with the basics first. Your email account(s) and any banking accounts. Make sure those are protected first and foremost. Why email? Because if anyone gets access to your email they can reset your password on any site. I would then update social media sites (like Facebook or Twitter) so that personal information cannot be used to try to guess your passwords on other sites. And to protect your friends and families from invasions that appear to come from you.
This is the "getting started" guide to a password manager. Keep watching Prime Insight for more articles on getting the most out of a password manager.