It
seems that I have a ton of sites I visit that require passwords, and it may be
that I’ve been lazy about selecting passwords for those sites, using the same
password on a lot of them. I’ve heard that this isn’t a good idea, and the
recent Heartbleed scare really made me rethink my policies. I’d like to create
unique passwords for each site, honestly, but I don’t have the time or patience
to both create and remember all the unique passwords. Surely there must be a
tool or web site that can make this easier?
We could not possibly stress enough
how important it is for you to maintain unique passwords, different for every
Web site that you visit, and we’re certainly glad you’ve asked this vital
question. We’ve written previously about password manager applications, that
is, applications that can maintain all your passwords and fill them in on
sites, as necessary. Using one of these applications, you need only remember a
single password to log into the password manager—it does the rest of the work,
maintaining the passwords and logging you into each site you visit for which
you’ve stored a password using the application. The four most popular
password-managing applications are LastPass (http://www.lastpass.com),
1Password (http://www.agilebits.com), Dashlane (http://www.dashlane.com), and
PasswordBox (http://www.passwordbox.com). You can find a comparative review of
these products from Wall Street Journal here: http://goo.gl/xtO16V. Another
favorite, although not rated as highly, is RoboForm (http://www.roboform.com).
We’ve tried all these applications over the past few years. Specifically, Ken
recently spent a month with Dashlane after several months with LastPass. His
opinion? Dashlane is certainly more attractive and easier to manage, but
LastPass seems less intrusive and (once you get the hang of living with it),
more reliable. All these products are available for Windows, Mac, and mobile
platforms, although Windows Phone isn’t supported by all the products.
All the password managers provide
browser add-ins, so they can intercede when you create a new password, or need
to log into a site. Each application provides a means of storing passwords, and
each provides a means of filling online forms with information such as your
name, email address, credit card information, and so on. Once you set up the
information in these tools, you should (in theory) never need to drag out your
credit card when making an online purchase; you shouldn’t even have to type
your address when purchasing from a new vendor.
But the question at hand was aimed
at creating new, safe passwords. All these tools, of course, include
functionality to help you create and manage unique passwords for every site.
Having tried them both, Ken can verify that both LastPass and Dashlane provide
a means of analyzing your existing passwords, and can tell you how many sites
you have set up that share the same password. They can also indicate the
strength of your passwords (the longer and more complex the password, the
stronger it is). All the password manager applications provide a means of
creating a new, randomly generated password for any site, and once you let the
application create the new password, it can store it and supply it the next
time you log into the site.
Ken recently embarked on a quest to
replace all his existing “simple” passwords with new, random, complex
passwords. He started the quest using Dashlane, and for the most part, the
process worked reasonably well. Problems occurred at times when DashLane
attempted to replace an existing password with a new one in its own
storage—many times, Ken ended up with duplicate entries for the same site,
leading to some serious confusion. He continues the task currently with
LastPass, and is finding the number of misfires less than with DashLane. Your
experiences may differ, of course.
In any case, if you find that you
use the same password on multiple sites, it’s time to consider changing your
ways. Most importantly, on your email and bank account(s), make sure that you
use a unique password for each site. In other words, for email and banks, make
sure you select a password that’s difficult to guess, and is significantly
different for each site. (And never consider using one of the passwords listed
on this description of the 25 most popular passwords: http://goo.gl/mzjBWy).
Check out LastPass, DashLane, 1Password, or one of the other available password
managers. Plan time to grow accustomed to the way the application works—it will
certainly be intrusive and bothersome at first, but it will save you time, and
most likely, your online identity, if you use it correctly.
No comments:
Post a Comment