Passwords: Make it safe

Got hacked, locked out of files and accounts? It happens to lots and lots of people.

A few people are actual selected targets. A small minority I believe. The others? They’re the “catch” the result of cyber criminals casting a wide net with their tools.

When I talk with people about safe passwords they often say things like “I can’t remember so many” or “It’s too hard to come up with good memorable passwords” and often “I just don’t understand how to manage it”.

To them I say a password manager is your friend and protector. Refer to this article, Why You Shouldn’t Use Your Web Browser’s Password Manager, for useful information about password managers.

A few things that I see a bit differently than the article.

First, I disagree with the basic premise. In my experience the best way for people to start doing something new is to start from where they’re already at.

So if you want to use the password manager in your web browser then go ahead. You must stick to using that browser. If you already do that why not stick with it?

Second, I disagree that the open source password managers mentioned are more complex than the password managers mentioned, especially if you already store files on the cloud with Dropbox, Google Drive, etc.

And I see an advantage for the separate password manager. If you use a password manager like KeepassX and the file sharing site gets hacked you’re still the only one with the password database’s password. If your online password manager site is hacked then all your passwords are compromised.

In the case of using your browser or something like LastPass to manage your passwords an account must be created with the provider of the password management service. Essentially only one layer of protection.

If KeepassX or something similar is used there’s two layers. The file sharing website and the password database itself.

Multi layer protection is where it’s at baby! (said in Austin Powers voice)

The most important part of all this is to set up different complex passwords for each site you use.

Use your browser’s password manager, an external service like LastPass or a separate password manager like KeepassX combined with an online file storage service to create unique complex passwords for each site you use and you’ve improved your security by leaps and bounds.