Are you writing your passwords down and leaving them underneath you keyboard ?
"Let's make your password more secure", they said.
The password to the online application changed to a longer alphanumeric with added special characters.
The password was secure and sophisticated that it had to be written down on a piece of note and taken out of under the keyboard whenever it was time to use it.
Does that ring a bell?
Let me tell you that although the password is now complicated and complying to the company policy, you have now created a new security risk which is leaving written password hanging around for people to see and perhaps even unrightfully take.
The following doesn't just apply to people who write down their passwords; this is for all people who are seeking a much more organised method of managing their passwords.
First up, we have LastPass.
If you are a person who is comfortable with your passwords being hosted by a third party provider and love the ability to sync your passwords across all of you devices, then this application is something you should consider.
Cloud-based password managers replace the physical notebook you carrying around and take our when you are doing online banking or just performing everyday tasks.
Imagine though, this notebook gets misplaced and end up in the wrong hands. There is nothing worse than having uninvited people have access to your personal or banking details being taken away from passwords to all your sites like internet banking and personal information.
LastPass is considered one of the world's one number password managers who have had no records of a security breach as of yet. It is the ease of use and security features has made this application number one.
Let's go over some Pros and Cons, shall we? Let's start with the Pros.
- Autofills passwords on your browsers and phone applications
- Contains an inbuilt password generator
- 2-factor authentication is available
- Access on all devices ( Apple iPhones, Andriod, PC's or Macbooks )
- Sync across all of your devices.
- Very easy to use
- Anything traversing the Internet can potentially be unsafe, so storing your passwords on a 3rd party provider can be a risk.
- Many Enterprise security policies prevent you from using 3rd party password managers in the workplace
Who should use it?
Well, approximately Over 13,000,000 people already trust LastPass, including 43,000 businesses. The award-winning password manager has rated 4.5 stars on the Chrome store with 24,000 reviews.
LastPass is free to use for one person however extended features, and additional users are offered on the premium versions starting at $4.22 AU and above a month.
Now over to our Non-Cloud based recommendation Keepass; This means that it does not require an internet connection to operate, but at the same time, it does not sync across devices.
Is it secure?
Yes, BUT .. it is only as secure as your PC or Mac. If your computer is compromised or has malware, nothing on it is secure anyways.
But let's get straight into the features.
- Stored locally on your computer and not synced or shared across any device.
- It's free to download from here
- Able to generate strong passwords
- You can create multiple databases ( work & personal )
- Store as many passwords as you want
- Drag and drop feature
- Password stored securely
- Does not sync across multiple computers
- It will not pre-fill passwords into phone applications or browsers. ( you need to enter it yourself )
- The user interface is designed to be useful and practical, not "beautiful."
- Since you can only use locally ( on your pc or mac ) this means you need to type your password manually to your phone or tablets when required.
Now you might be asking what we use here? There was a time we used the same password for every portal, so we didn't have to remember them.
Let me guess; this might be you right now, though. One password fits all.
Sure it makes sense only to memorise one to log you into everything.
Until a hacker gets hold of this one password and a list of sites you use and you now have an avalanche of hacks.
All because it was convenient to stick to using one.
The moral of the story is to use different passwords for every site.
We use KeePass to store and manage our passwords.
Since we mentioned that Kepass is stored locally, we store a copy of the database file on our in-house cloud storage solution ( which we know is very safe ) and sync the encrypted data across our devices. For mobiles, we download and install the KeePass app from the apple or play store to view the file.
We encourage you to implement practices to manage your passwords securely and efficiently.
The real question is if your business was hacked today, how would it affect your customers?
Stay safe !