Tag Archive Lastpass

Keeping the Bad Guys Out of Your Online Life: (Part 1: Managing your passwords)

We all know of, or have been targets of data breaches, and “hacking” of online accounts. Most of us use the same email address and password for many different accounts, including email, banking, and others. If the bad guys get access to one database of usernames (usually email addresses) and passwords, they can use those email addresses and passwords to find and access other, more valuable sites including our actual email accounts and online banking.

The first important step to stop the bad guys is to use a different password for each online account. Better yet, use a different username/email address as well. I’ll address separate email addresses in a moment, so stay tuned.

Hold on! How can I remember all those different passwords? A Password Manager is the best solution here. A password manager encrypts my personal database of passwords using a single password, or key phrase. This encrypted database may be stored locally on my device, or in “the cloud”, depending on which app I choose. There are a number of apps and services like Lastpass, 1Password, RoboForm, OneLogin, Dashlane, KeePass, and others. I have used several, but use Lastpass today.

When I go to an online service to login, the Password Manager will recognize the site, decrypt my local “database of passwords”, and then fill the username and password into the login page for me. There’s no need to remember a long list of separate passwords. Since each of my online accounts has a different password, it is much less likely that one compromised user database can be used to access my other crucial online accounts.

What about separate email addresses for each account? If I’m using Gmail, there’s a simple solution waiting. Imagine that my Gmail address is [email protected]. Instead of registering for an online banking account using [email protected], I can use something like GoodGuy+mywellsfargoacct@gmail.com. Any email sent to this unique email address will still arrive in my [email protected] account. Any bad guys finding my email address and password for any of my other accounts will not likely know to add the “+mywellsfargoacct” to the email address when they attempt to access a Wells Fargo account using my primary Gmail address. No extra set up is needed to use these “+” addresses. Just some imagination and a password manager tool like Lastpass to keep track of them.

Separate passwords for each online account, plus separate usernames/email addresses, and a password manager tool like Lastpass is the first step to securing your online identity and protecting your assets.

Next in the series:

Tags, , ,