With so many passwords to remember, it’s tempting to throw in the towel and make it easier on yourself by reusing the same four digits (like your birthday) or some combination of your pet’s name and your last name.
But that’s the absolute last thing you should do if you’re concerned about protecting devices from hackers.
According to Angelo Frisina, founder and CEO of Sunlight Media, there are practical steps anyone can take to better secure themselves from potential cyberthreats — and they include relying on a third party to create passwords that are far more difficult, if not impossible, for hackers to crack.
“One of the common pieces of advice in recent years has been to use a password manager to securely handle the passwords for all of your internet accounts,” Frisina says. “Once touted as an almost fool-proof strategy for safeguarding your account information, the use of password managers now comes with at least a few caveats worth being aware of.”
If you’ve never heard of a password manager, Frisina says the simplest way to describe it is as an “OS and/or browser-based application for the purpose of storing and organizing a user's passwords and other account information.”
Basically, a password manager makes your life 1000 times easier by storing complex passwords for every single one of your accounts in one safe place.
When you attempt to access a website, say your banking site, instead of remembering one of 20 difficult passwords, you would simply have to input a “master password” for the application.
“The idea behind this is to utilize a strong password for each of your accounts, without having to remember them or keep them in an otherwise non-encrypted place (such as a piece of paper or text file),” Frisina says. “Most of the better password managers out there have a feature that will generate a unique, random password (with certain variables such as length and type of characters/symbols used), that can be saved for each of your accounts.”
Before you choose a password manager, it’s important to do your homework — after all, you are entrusting one with the codes that will unlock your personal data.
Recently, LastPass, one of the most popular free password managers, was discovered to have a bug that compromised the security of users’ passwords, Frisina says.
“Should a user of a browser-based password visit a non-secure site (such as a phishing site meant to look like a common site like Facebook or Google), a hacker can gain access to all of your passwords with a few simple lines of JavaScript,” Frisina says.
Sounds scary, but this doesn’t mean you should give up entirely on using password managers. LastPass is working on the bug, and most programs are still far more secure than using your four-digit birthday or your mom’s name as a password.
“The best recommendation would be to use a desktop-based password manager, such as pass or KeePass, use the built-in browser password manager offered by Chrome, Firefox, and Safari, or simply use an encrypted, password-protected text file on your desktop,” Frisina says. “Even the latter would be more secure than using a browser-based password manager.”