Got a little black book of passwords? No? You should have one except it should not be in a hard copy, actually written down somewhere. It should be stored in the ‘cloud’ which can be accessed from anywhere with Internet connectivity. Your only risk, you could forget your MASTER PASSWORD to unlocking “the book.’
May 3 is World Password Day
Passwords are crucial to doing any work on a computer, particularly if your computer work involves accessing the Internet. Passwords are the key to preventing unwanted access to vital information, important private records, data which you want to be locked away securely from anyone else. Passwords are that key.
However, in this day and age of ever-expanding Internet use, with more and more applications, programs and sites requiring security via passwords, the lexicon of used passwords seems to grow ad infinitum. You need some safe and minimal risk means of keeping track of all those passwords. A password manager is your answer.
Password managers are programs which allow you to record passwords you use in a protected vault which only you can access by a master password which only you know. There are numerous password manager applications available and they can be found by doing a search on the Internet. Refine your web search asking the question, “What are the best 5 password managing programs?” Your results might list the following: DASHLANE, LastPass, ROBOFORM, STICKY PASSWORD, and KASPERSKY.
We have been using LastPass for a few years now and have found it reliable, dependable, and without any vulnerabilities as far as we know. The premium version is amazingly priced at $2 US per month, a bargain for what you get: multi-platform accessibility, auto-generation of passwords, auto fill-in of password information, auto launch of password-protected applications, secure note logging, extremely sophisticated encryption of your data.
LASTPASS has received many accolades, positive reviews and awards over the years. They have had numerous hacker attacks, the most successful, got past their exterior protective layer but no further. No user data was exposed or vulnerable in the attack. As importantly, LASTPASS was upfront letting the public know about the attack, where other password manager companies have never published that they have been attacked. Undoubtedly, they have been attacked as these companies are the low hanging upon which all hackers feed. It would be a victory of another stripe if any hacker ever succeeds in penetrating the defences of a password managing company.
LASTPASS prides itself on encrypting user information in many ways, so many that it becomes confusing just explaining what is done. First, LP uses military class 256 bit encryption, the kind used by the FBI, CIA and US Whitehouse. Next, LP encrypts data as it flows from your computer to their server and it does so at your computer, locally. So your data is encrypted before it ever enters the Internet highway. When you ask for retrieval of your encrypted data, the data again is sent out encrypted and the decryption code is stored locally on your computer. Should the data be intercepted enroute to your machine, the hackers only see encrypted data which they cannot access. But when the data comes to your computer, your computer and only your computer has the decryption code for unencrypting the information. The data is unencrypted locally, at or on your computer not out in the web space, the Internet. It is a great system and so far, LP has proven impregnable. But hackers only see that as making the target even more tempting.
LP has a free service, still as secure as its premium version. The only thing about the free service which differs from the premium one is multimachine accessibility. The premium version permits access via cell phone, tablet, laptop, and desktop and anywhere where there is Internet capability. A premium password manager at a very reasonable monthly cost.