The CryptoLab Blog

According to Verizon’s 2017 Data Breach Investigations Report, 81% of data breaches are caused by poor credential management. Account breaches can happen when you use weak passwords, reuse old passwords, or share passwords across accounts. A password manager simplifies your online life by remembering your passwords for you and helping you avoid these poor habits. With a password manager handling your logins, it’s easy to have a strong, unique password for every online account and improve your online security.

What is a password manager?

A password manager is a software application that stores, retrieves, and manages complex passwords, keeping them in an encrypted format. Password managers store login information and automatically enter it to log you into your online accounts.

Why use a password manager?

A password manager makes your internet experience easier and safer. With a password manager to manage your logins, it’s easy to have a strong, unique password for every online account and improve your online security. It stores the login information for your accounts and automatically enters it into web forms to save you time. This helps prevent:

  • The need to remember multiple passwords.
  • Poor password behavior such as low complexity or one repeated password for multiple sites.
  • Attacks like keystroke logging.

Why not use your browser to store passwords?

Most modern browsers offer a rudimentary password manager. This is the option that Chrome or Firefox might give you when you enter your credentials into a website. This is an easy option but is very limited in its functionality and security level.

The reason security experts recommend you use a dedicated password manager comes down to focus. Web browsers have other priorities that haven’t left much time for improving their password manager. For instance, most of them won’t generate strong passwords for you, leaving you right back at “123456.” Dedicated password managers have a singular goal and have been adding helpful features for years now. Ideally, this leads to better security.

Why my choice is LastPass

One master password is all you need to remember to access all of your accounts! Just don’t forget that password. LastPass does not store your master password anywhere, so you are 100% responsible for keeping it safe.

You can bring your passwords with you to any platform: web, desktop, and mobile. Compatible with every major OS: Windows, Mac, and Linux. LastPass even has a command line application. The passwords on one platform sync in real time on every other platform. This means, for example, if you change a password for a webpage on your web browser, it will automatically update the password on your tablet and mobile LastPass account.

LastPass is secure. The latest algorithms (AES-256, PBKDF2 SHA-256, and salted hashes) are used to encrypt passwords. LastPass never sees your passwords in plaintext and your master password never leaves your machine.

Your passwords are encrypted and decrypted at the device level. Your master password, and the keys used to encrypt and decrypt data, are never sent to LastPass’ servers, and are never accessible by LastPass. This means even if your LastPass data is intercepted or compromised, your passwords are still safe. LastPass employs a ‘zero-knowledge’ model: all sensitive data is encrypted locally at your device with a key that is never transmitted to the host (LastPass). As such, even under government subpoena, LastPass could only turn over an encrypted blob with no key. This serves to protect your data from internal and external threats alike. This is why it is not guaranteed that your account will be recoverable if your Master Password is lost.
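The zero-knowledge split described above, as an added sketch (not LastPass’s code): the device derives a 256-bit vault key with PBKDF2-SHA256 and sends the host only a one-way login hash, which the host stores as a salted hash. The iteration counts, the e-mail address used as salt, the sample passphrase, and the `Server` class are assumptions of this example; encrypting the vault with AES-256 is left out because the Python standard library has no AES.

```python
import hashlib
import hmac
import os

CLIENT_ITERATIONS = 100_000  # assumed work factor for this sketch
SERVER_ITERATIONS = 100_000  # assumed; the host hashes again before storing

def derive_vault_key(master_password: str, salt: bytes) -> bytes:
    """Device only: 256-bit key (the size AES-256 needs). Never transmitted."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt,
                               CLIENT_ITERATIONS, dklen=32)

def derive_login_hash(vault_key: bytes, master_password: str) -> bytes:
    """Device only: one-way value sent to the host instead of the password."""
    return hashlib.pbkdf2_hmac("sha256", vault_key, master_password.encode(),
                               1, dklen=32)

def client_credentials(email: str, master_password: str):
    """Returns (vault_key kept on the device, login_hash sent to the host)."""
    salt = email.lower().encode()  # assumption: account e-mail as the salt
    key = derive_vault_key(master_password, salt)
    return key, derive_login_hash(key, master_password)

class Server:
    """Hypothetical host: keeps a salted hash of the login hash, nothing else."""
    def __init__(self):
        self.records = {}

    def register(self, email: str, login_hash: bytes) -> None:
        salt = os.urandom(16)
        stored = hashlib.pbkdf2_hmac("sha256", login_hash, salt, SERVER_ITERATIONS)
        self.records[email] = (salt, stored)

    def login(self, email: str, login_hash: bytes) -> bool:
        if email not in self.records:
            return False
        salt, stored = self.records[email]
        candidate = hashlib.pbkdf2_hmac("sha256", login_hash, salt, SERVER_ITERATIONS)
        return hmac.compare_digest(candidate, stored)  # constant-time compare

if __name__ == "__main__":
    host = Server()
    key, login_hash = client_credentials("alice@example.com", "constructed sample passphrase")
    host.register("alice@example.com", login_hash)
    print("login ok:", host.login("alice@example.com", login_hash))
    print("host holds the vault key:", key in host.records["alice@example.com"])
```

Because the host never holds the vault key, it cannot re-derive it on your behalf; only the correct master password on the device can.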

Additionally, adding a 2FA software or hardware solution provides an extra layer of security for your LastPass account. I personally have implemented a YubiKey hardware key. My secondary choice is a Google 2FA software solution. You can find out more information about the 2FA solutions later in the “Securing With 2FA” section.

Compatible 2FA Software

Compatible 2FA Hardware

LastPass has support for various fingerprint readers, including Windows Biometric Framework, as a Premium feature. Once enabled, you can use the fingerprint reader to log in to the LastPass browser extension, rather than having to enter the Master Password. This includes Master Password re-prompts as well.

Change a site’s password with a single click. LastPass’s Auto-Password Change currently supports 75 of the most popular websites. Learn more about generating a password.

LastPass helps you make better passwords with their Password Generator. The generator can be adjusted for length, types of characters, readability, pronounceability, and other options.

Password Generator

What information do I store in LastPass?

Besides storing passwords, I’ve learned to store many critical documents. I use it to store a scannable library card, driver’s license, passport, credit card numbers, birth certificates, etc.

How much is LastPass?

They have free and paid versions. If I’m using something like LastPass every day (I use it multiple times a day) I always try to support software companies using their paid versions. It promotes further development and you typically get a better version of the software. Using the family version allows you to share login information with other family members very easily. When you share information with family members, you can show or block the password for that site.

If you like my work and want to support further published docs, please consider using my affiliate link for LastPass: https://lastpass.wo8g.net/Rd7ba

A great article by Freedom of the Press Foundation: “Choosing a password manager”

LastPass (official) Video Tutorials: https://support.logmeininc.com/lastpass/video

YouTube Video Tutorial for LastPass https://www.youtube.com/watch?v=R6uxc524xnk
