Password Tips, Tools, and Managers
Recent attacks on online services such as bit.ly and vulnerabilities discovered in other sites due to the Heartbleed Bug have resulted in a wave of requests from online services for users to reset their password. The password is the most important piece of information any online user creates and should be carefully crafted. If your password has been discovered by those with malicious intent it could lead to compromised security of your personal information. Users should create strong passwords which make it difficult for their account to be hacked. Microsoft provides tips for creating a strong password which should be reviewed as your reset your password. You can also benefit from Microsoft’s Password Checker which will allow you to test the strength of the password you have created. The United States Computer Emergency Readiness Team (US-CERT) lists the following security tips for choosing and protecting passwords:
- Don’t use passwords that are based on personal information that can be easily accessed or guessed.
- Don’t use words that can be found in any dictionary of any language.
- Develop a mnemonic for remembering complex passwords.
- Use both lowercase and capital letters.
- Use a combination of letters, numbers, and special characters.
- Use passphrases when you can.
- Use different passwords on different systems.
Despite all the online tips and services for creating strong passwords users are still leaving themselves vulnerable to hacking and attacks. An October 2013 security breach at Adobe that gave hackers access to 130 million passwords revealed that despite tips and tools for creating strong password many users are not following through on creating strong passwords. The top five passwords stolen from Adobe included the following:
Many people have trouble keeping up with passwords and as such often reuse the same password on multiple platforms which only puts their data at higher risk. Password managers are one way to help users maintain different passwords across multiple sites. With so many sites needing passwords a password manager is a great tool to organize this information and keep it safe. A PC Magazine post recently reviewed various password managers to help users decide which one is right for them. The editors of the post warn that moving to and setting up a password manager can “involve some serious work.” The post going into detail about each manager as well as those which include an added layer of security such as fingerprint recognition for the password manager password. The top three password managers from the article include:
- LastPass 3.0 (Free)
- LastPass 3.0 Premium ($12.00/year)
- Dashlane 2.0 ($19.95/year; free edition available)
A comparison chart of password managers can also be found online from TopTenReviews.