I thought I’d start right off with what is probably the most disregarded yet easiest to implement security practice of all. Password management. We all have many websites we frequent and so many logins to keep track of. So what do most of us do? Well, most of us don’t pay heed to what the security experts tell us and use a different complex password for every site we’re signed up with. No, what we typically do is memorize one really good password and use it on everything we come across.
Some antivirus software packages come with password management built in. I have yet to find one that lives up to my expectations however. So that leads me to, as you probably surmised by the blog title, LastPass password manager.
There are a couple other competing password managers out there and I’ll discuss them another time. I have used all of the top applications to great extent and LastPass is hands down the best manager out there in my opinion. And it’s free. For single device use.
It supports multi-device synchronization but that will actually cost, but it’s only $12/yr. That’s only a dollar a month. Well worth it for the peace of mind you’ll get from using it on all of your devices. I have it installed on my laptop, desktop, android phone and iPad. Best twelve bucks I ever spent.
How does it work?
Pretty simple. You install a plugin to your favorite browser, set a single master password which is the only password you’ll have to memorize. Then just go about your normal activities and whenever you login to a site, LastPass will capture the data and ask if you want to save the login. Click yes, give it a name and that’s it.
The next time you go to that site LastPass will have your login information available and fill in the login boxes with your credentials. All you need do is press the ‘log in’ button. It will even auto log you in if you choose that option. It also has a very nice password generator, secure notes, security auditing, and can save multiple accounts for a single site. So if you have six Gmail accounts it will juggle those for you as well and give you a drop down menu to allow you to choose which one you wish to log into.
You can also launch a site by just opening the lastpass vault and clicking on a site. You will be directed to the site and auto logged in lickity split. Pretty neat. They’ve also covered all the bases. Available plugins for Firefox, Chrome, Safari, Opera, Internet Explorer, Seamonkey, and also comes in flavors for Windows, Mac, Linux and mobile. They even have several options for two factor authentication if you want that added security. (I highly recommend it).
I’ve been using LastPass for about five years now and couldn’t get by without it.
A word of advice, don’t ever forget your master password, you will never get your login information back again if you do. I learned that the hard way three years ago when I got hacked, I hastily changed my master password, didn’t write it down and promptly forgot it in all the confusion.
Now what I do is once I have all my accounts in LastPass I first export all the login data to a CSV file and then print it all out (and then delete the file) I then scribble my master password on it and toss it in my safe. That way if anything happens with anything, I’m covered. If someone breaches my backup in the safe I have much bigger issues to deal with than website logins. ; )
You can hop on over to their site; https://lastpass.com/ for a more detailed description. And then download and install the plugin, only takes a couple minutes guys and gals. Once you have it setup I suggest you go login to all your sites and use the password generator to change the passwords to something that’s a bit more difficult to hack and unique. Then come on back here and we’ll see what else we can work up.
Until Next Time