What Is the Best Password Manager?
Create secure passwords! There have been several recent incidents reported by major companies and services that millions of people use: Dropbox, Evernote, Vudu all compromised in some way.
Users of these services received the dreaded email notification advising them to reset their password.
I received an email for my Evernote account which said in part:
I previously wrote about password protection, but these recent events serve as a great reminder to check your own practices.
Creatures of Habit We are creatures of habit, we may understand that having the same password for multiple log ins is risky and unwise.
However, not everyone can possibly remember secure random passwords that are unique to every site that requires a username and password.
Take something most people are familiar with, their automated teller machine (ATM) personal identification number (PIN).
I will refuse to call it a PIN number in this article because it is redundant, but how many times do you catch yourself referring to your "pin number"? A recent study found that the four digit code used to authenticate users with their accounts (a PIN) can be guessed for 33% of all accounts by trying 61 distinct combinations.
This is astounding when you are aware that for four digits there are 10,000 possible combinations of numbers that can be used.
The most popular of all PIN passwords was 1-2-3-4! Needless to say, the 20 most popular combinations are variations on sequential numbers.
The best type of PIN to have is one that is not memorable or significant to you in any way (that is purely random).
Other popular variations are using numbers in line with a phone keypad (2-5-8-0) and people's birth year (1-9-X-X).
What is the best password manager? As we learned in using the internet best practices, people need to guard against complacency.
Safeguard your PIN and do not share it with anyone.
I recommend using a password manager that will automatically generate a secure password for you.
A secure password is at least 8 characters long, uses a combination of upper and lower case letters punctuation and numbers.
I recommend that you take a look at programs that manage your passwords for you.
Programs such as: Lastpass (My program of choice) Keepass (open source) 1password
Users of these services received the dreaded email notification advising them to reset their password.
I received an email for my Evernote account which said in part:
Dear Evernote user, Evernote's Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service.What does this mean to you? It should serve as a reminder that you need to look at your personal password policy (PPP).
As a precaution to protect your data, we have decided to implement a password reset.
Please read below for details and instructions.
In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost.
We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.
The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts, and encrypted passwords.
Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption.
(In technical terms, they are hashed and salted.
)
I previously wrote about password protection, but these recent events serve as a great reminder to check your own practices.
Creatures of Habit We are creatures of habit, we may understand that having the same password for multiple log ins is risky and unwise.
However, not everyone can possibly remember secure random passwords that are unique to every site that requires a username and password.
Take something most people are familiar with, their automated teller machine (ATM) personal identification number (PIN).
I will refuse to call it a PIN number in this article because it is redundant, but how many times do you catch yourself referring to your "pin number"? A recent study found that the four digit code used to authenticate users with their accounts (a PIN) can be guessed for 33% of all accounts by trying 61 distinct combinations.
This is astounding when you are aware that for four digits there are 10,000 possible combinations of numbers that can be used.
The most popular of all PIN passwords was 1-2-3-4! Needless to say, the 20 most popular combinations are variations on sequential numbers.
The best type of PIN to have is one that is not memorable or significant to you in any way (that is purely random).
Other popular variations are using numbers in line with a phone keypad (2-5-8-0) and people's birth year (1-9-X-X).
What is the best password manager? As we learned in using the internet best practices, people need to guard against complacency.
Safeguard your PIN and do not share it with anyone.
I recommend using a password manager that will automatically generate a secure password for you.
A secure password is at least 8 characters long, uses a combination of upper and lower case letters punctuation and numbers.
I recommend that you take a look at programs that manage your passwords for you.
Programs such as: Lastpass (My program of choice) Keepass (open source) 1password
Source...