Content provided by our partner Tom Bull, Two River Computer ~
We’ve all experienced this…we don’t remember the password for something. We try to reset it, but nothing happens. Or, if we do get something to happen, we can’t complete the reset because we can’t answer the security challenge questions.
What many folks have done over time is to reuse the same password…because it’s easy to remember just 1 password, right? That’s a time bomb waiting to happen. If you have your email address in your left hand and your email password in your right hand, you can NEVER USE THOSE for other accounts like Amazon or NetFlix or Bob’s Guitar City. If one of those places gets hacked, the bad guys will try to login to the email address from your left hand and use the password you gave from your right hand. And if they’re successful, really bad things can happen. Sometimes it’s as silly as your email address sending out Dr. Oz diet pills to all your contacts. Other times they hijack your email and start telling your broker to transfer money to an off-shore account…yikes!
In the beginning, when we started using passwords for our AOL or CompuServ account (I know I’m going far back,) there was no criteria for the password. You could use your pet’s name or maybe a combo of your birthday and your favorite sports teams. Mine was 1969mets for a long time! Then we needed passwords for a bunch of other things besides the internet and email. Some of those sites required a username and a password. Sometimes, and now almost exclusively, they want a valid email address as the username and a complex password to go along with it. Then the passwords you used to use were no longer acceptable and they needed to be longer and have capital letters, and numbers and sometimes symbols. Now it starts to get unmanageable. What’s a person to do?
You started a password list. Or maybe it’s just a collection of sticky notes under your desk blotter. Or maybe it’s a special password book with so many of things crossed out you’re not sure if the password you have is for the bank, your email or the locker at the gym! Since many of the websites want you to make the password more complex, we are having to change them often. Sometimes they want you to link the login to your cell phone so if you want to try to login or change a password, you have to put in a code that comes to your cell phone. That’s called 2-factor authentication and it’s a good thing but it’s also getting really complicated.
Enter the password manager.
It’s just like it sounds. It manages all the passwords we have. To open up the list, or as many call it, “the vault”, you only need a single password. Then the system can create complex passwords that are ridiculously hard to hack…or remember. But you won’t need to remember all those complex passwords, you just need to remember the password to open the vault.
The way it works is you download and install the software (we like LastPass and 1Password) and it will let you create an account and your vault password. This attaches to your web browser. Each time you put in a username and password into a website, it asks if you want to save it. You can make the password more complex if you like…crazy complex too if you want! And here’s the fun part…when you go to that website the next time it automatically fills in your username and password.
But wait, there’s more! Go to your other computer or even your smartphone and download the software or the app. Sign in with your vault password and every password you have in it is available on the other devices too! You can even use your fingerprint on most smartphones to put in the password. It’s a real-time and sanity saver.
What if I forget my vault password? That spells big trouble. You should be able to reset it with your email address and by answering the security questions, but the password company doesn’t know it and can’t reset it for you. Hard for you to change means harder for the bad guys to hack…and that’s a good thing. A really cool aside…you can assign a family member or loved one as an emergency contact so they can get your passwords if something happens to you. They won’t be able to see the passwords (usually) but will be able to get into the accounts already set up in your vault. That could be HUGE!
What if the password manager website gets hacked, won’t they steal ALL MY PASSWORDS? Nope, they can’t because all the data is encrypted. Even if they do get hacked, there’s nothing the bad guys can do with the data because it’s all scrambled up.
Time to get rid of the sticky notes, password book and all the headaches. Consider a password manager and spend your brain power not trying to remember passwords but figuring out what to buy for dinner…or who to pick for the Final 4 in March Madness.
120 Fair Haven Road Fair Haven, NJ 07704 (732) 747-0020