Stop Ignoring & Take Control Of Your Biggest Security Risk

November 25th, 2018 by in Website Security

You’re probably right when you think that no one is trying to guess your email and password. That’s just not how it works.

What happens is that a website you signed up for with your email and password gets hacked, and those credentials get added to a list and pushed out to the public.

If you use the same password for your email, attackers can now go through your messages and learn more about you. They can find out who you bank with, and maybe you use the same email and password for online banking.

They can find out where you shop. Does your Amazon account use the same username and password?

Here’s another example: maybe they find out you run your own online shop, so they go right to your website, visit /wp-admin/, and try logging in.

If it works, they now have access to all of your customers’ names, addresses, phone numbers, emails, etc.

When you start using multiple passwords for different sites, do you see how quickly the security significantly increases?

This is where most people stop increasing their password strength; they hate all the crazy characters, numbers and capital letters. The result is usually just a word with some flair added to it. Sound familiar?

This is when we should be setting up a password manager.

A password manager lets us use just one password to access all of our other passwords. It is a program that helps us generate secure passwords as we sign up for new websites and remembers them the next time we visit.

This comic from XKCD demonstrates the idea well. It changed the way I looked at password strength and I’m happy to share it with you.

The main point is that we’ve been making passwords that are easy for computers to guess and hard for humans to remember. Since most people have short passwords, and sites have minimum length requirements, hackers always start there and add one character at a time as they try all the possible combinations for each length. As a result, the longer the password is, the more time it will take for a computer to guess enough times to get the correct combination.

Unfortunately, we can’t just randomly string together a bunch of words. Hackers know this trick and have stepped up their game. That leaves us with generating random passwords with software, since humans can’t seem to be as random as we think we are.
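To put numbers on the two points above (length drives the number of guesses, and software should do the random picking), here is an added example that is not part of the original post. The 94-symbol alphabet and the rate of 10 billion guesses per second are assumptions chosen for illustration.

```python
import math
import secrets
import string

# 94 printable ASCII symbols: letters, digits and punctuation.
ALPHABET = string.ascii_letters + string.digits + string.punctuation
SECONDS_PER_YEAR = 365 * 24 * 3600


def generate_password(length=20, alphabet=ALPHABET):
    """Draw every character independently from the OS CSPRNG."""
    if length < 1:
        raise ValueError("length must be at least 1")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def guesses_up_to(length, alphabet_size):
    """Candidates tried when working through every length from 1 to `length`."""
    return sum(alphabet_size ** n for n in range(1, length + 1))


def entropy_bits(length, alphabet_size):
    """Entropy of a uniformly random password of this length."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(length, alphabet_size, guesses_per_second):
    """Worst-case time to try every candidate up to `length` characters."""
    total = guesses_up_to(length, alphabet_size)
    return total / guesses_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    rate = 1e10  # assumed guesses per second, for illustration only
    for length in (8, 12, 16, 20):
        bits = entropy_bits(length, len(ALPHABET))
        years = years_to_exhaust(length, len(ALPHABET), rate)
        print(f"{length:2d} chars  {bits:6.1f} bits  {years:.3g} years")
    print("sample:", generate_password())
```

These figures only hold for passwords picked uniformly at random; a word with a few substitutions falls to a dictionary long before the full search space is tried.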

I’ve been using LastPass for a few years now, and with over 100 websites I couldn’t be more thankful for it. They all have unique passwords and if any of them are compromised it won’t lead any hackers straight to everything else I have access to.

How Will I be Able to Use Any Of My Accounts On My Phone?

LastPass has apps for all mobile phones and tablets, and browser extensions for desktop and laptop computers. All you have to do is log into your LastPass account and it will integrate into your browsers like a good password manager should.

What About Sharing Passwords?

At most workplaces, password sharing is common practice. If you’re not able to make a new login for the person you want to have access, LastPass allows you to grant access to a login without having to share your password. So, if you need to revoke access at any point, you won’t need to change your password.

Having this kind of control over your login data is another significant leap

Keeping Your Passwords Fresh

Another good practice is to change your passwords a few times a year. This is a good idea because data breaches don’t always pull current data. An old backup file from an earlier date might be compromised; if your password has been changed since then, you have already protected yourself against any future attacks.

Forming a good habit of creating new passwords frequently gives you another big leap in security. LastPass will remind you when a password hasn’t been changed in a while, generate a new secure password, and assist in changing them.

LastPass even has a “Security Challenge” that audits all of your accounts and finds re-used and insecure passwords.
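The kind of check such an audit performs can be sketched as follows. This is an added example, not LastPass’s code or part of the original post; the vault entries are constructed, and the 12-character minimum is an assumed threshold.

```python
import hashlib
from collections import defaultdict

# Constructed sample vault; every site, username and password is made up.
VAULT = [
    {"site": "shop.example", "username": "me@example.com", "password": "Sunshine1!"},
    {"site": "mail.example", "username": "me@example.com", "password": "Sunshine1!"},
    {"site": "blog.example", "username": "admin", "password": "Sunshine1!"},
    {"site": "forum.example", "username": "me", "password": "hunter2"},
    {"site": "bank.example", "username": "me@example.com",
     "password": "v7#Qm2r!Zp0xLw9&TeKd"},
]


def _digest(password):
    # In-memory grouping key so the report never carries the password itself.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def audit(entries, min_length=12):
    """Return groups of sites sharing a password, and sites with short ones."""
    by_digest = defaultdict(list)
    short = []
    for entry in entries:
        by_digest[_digest(entry["password"])].append(entry["site"])
        if len(entry["password"]) < min_length:  # assumed threshold
            short.append(entry["site"])
    reused = sorted(sorted(s) for s in by_digest.values() if len(s) > 1)
    return {"reused": reused, "short": sorted(short)}


def exposed_by_breach(entries, breached_site):
    """Other sites that open with the credentials leaked from one site."""
    leaked = {_digest(e["password"]) for e in entries
              if e["site"] == breached_site}
    return sorted(e["site"] for e in entries
                  if e["site"] != breached_site
                  and _digest(e["password"]) in leaked)


if __name__ == "__main__":
    print(audit(VAULT))
    print("breach of shop.example also exposes:",
          exposed_by_breach(VAULT, "shop.example"))
```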

How To Get Started

Download and install LastPass, and create an account. We will start small with only the most important login details first.

  • LastPass Account
  • Online Banking Account(s)
  • Email Account(s) (Work, Personal, Private, etc.)
  • Social Media Account(s) (Facebook, Instagram, LinkedIn, etc.)
  • Monthly Subscription Account(s) (Adobe, Spotify, Netflix, Hulu, etc.)

Once you have your main accounts covered, you can browse normally and update passwords as you revisit websites that you log into. Every time you log into a new website, LastPass will ask if you’d like to save it into your vault. You can then update the password immediately or wait until your reminder goes off and update it at a later date. If you have the time though, you should just do it right then. That’s kind of what this is all about, right?

Additional Account Security

Imagine you go to log into your online bank account and they text your phone with a secret code for you to enter before you can see your account details. Even if a hacker has all your details, he would still need your phone in order to be granted access. This is two-factor authentication. One factor is the username and password; the second factor is the unique code they text out.

It doesn’t have to be just a text message either; it could be an email or a phone call. The text feature physically requires access to your phone, which creates the highest amount of protection for you. The additional layer of security makes it once again that much harder for anyone to access your personal information when they shouldn’t.

Securing Those Around You

The more we can secure the people around us, the more secure we become at the same time! Please consider sharing this with your friends, your family, your employees or co-workers… Everyone can benefit from having secure passwords. If your friend gets hacked, the hackers will steal your email address from them, your email will be sold to spammers and they’ll be emailing you soon. You don’t want that, do you?

Future Proofing

The thing about technology is that it’s always getting better, so what computers consider several weeks’ worth of work right now could, in 5-10 years, possibly be done easily in a handful of hours. This comes from increased computing power and quick depreciation of prices on technology when new tech is announced and released into the market.

As prices drop, it’s easier for hackers to obtain better equipment than they currently have and to keep upgrading their systems for more efficient attacks. This is why things like retina scanners and fingerprint passwords are becoming more popular. They are something a lot harder for hackers to hack.

Main Takeaways

  • Use A Password Manager to help create and store unique and secure passwords for all of your accounts
  • Create new passwords 2-3 times a year for important accounts
  • Set up Two-Factor Authentication for important accounts
  • Never tell anyone any of your passwords. Just LastPass it to them while they need it 😉
  • Tell everyone you know

I hope this information was helpful to you and that you find yourself no longer fearing that you’re going to get hacked one of these days.

– Andrew Kaser
