How to remember (and secure) your passwords with LastPass

Just about every site on the Internet these days requires a username and a password. We use passwords every day to login to Amazon, check our medical records, and to see what’s happening on Facebook. With the proliferation of logins we face every day it’s no wonder why many people choose to remember their passwords on a Post-It note stuck to the bottom of their keyboard or a notebook tossed into a drawer. While certainly convenient, these methods of storing passwords have obvious flaws.

Thankfully there is a plethora of software out there that can be used to securely store your passwords, help you generate new ones, and automate logging into a site. These password managers can store your passwords, help you generate new ones, and can even fill in passwords and forms for you.

Before we get into my recommendation for a password manager let’s address some common password issues:

 

  1. Every site tends to require or ban certain characters in a password. From a technical standpoint this is not necessary – passwords should be able to support any combination of characters, symbols, spaces, and numbers. However, due to lazy programming or arbitrary rules (or a combination of both) many sites force their users to use a mix of numbers and letters, both upper- and lower-case. Symbols are an example of where sites differ dramatically: Some sites will give you a short list of allowed symbols, while others will tell you that you can’t use any symbols at all. A few sites will allow you to use whatever characters you want for a password and still fewer sites require you to use symbols.
    So why is there a huge disparity among sites on what can be used and what cannot be used for a password? That’s an excellent question, and one no one seems to have a good answer to. Using a password manager though can help you generate passwords that will meet the site’s requirements, no matter how arcane they might be.
  2. Password lengths tend to be just as arbitrary as what is allowed in them. Some sites require a password that is at least 8 characters long. Some sites require more. Really bad sites don’t set a minimum length or specify lower and upper limits (must be between 8 and 12 for example). Again, chalk that up to lazy programming or bad corporate policies.
    It is generally accepted that, the longer a password, the harder it is to guess or crack. Allowing people to use special characters, including spaces, makes a password much more secure and memorable. For example, if a site allows spaces in its password one could use a favorite movie quote or passage from a book as his or her password, making the password both secure and memorable. Since sites have widely-varying password requirements it’s not possible to use this strategy on all sites, but for those that allow it, it makes a great way to keep a password in your head and off of the Post-It note.
  3. Many people re-use passwords. It’s just a fact of life that remembering one or two passwords makes life easier. Unfortunately this can lead to a huge security concern if a site’s database is compromised because now hackers can presumably use your common password from a breach at one site to login to another and wreak havoc. A password manager will allow you to create unique passwords that you don’t have to remember.
  4. Lastly, many of us never change our passwords. Once they’re set, that password becomes associated with that site forever and ever. Thankfully many sites (but again, not all) require people to change their passwords from time to time. The problem though is then we forget what our new password is and then we reset it back to something else, which is then forgotten again, and a vicious cycle is born. Again, a password manager eliminates this problem for you by safely storing your passwords for you.

The password manager that I recommend is LastPass*. Their site, lastpass.com, has a lot of information on how to install and use their password manager. They have two flavors, the free version which should work for 99.9% of people, and a paid version that has higher security, secure online storage, premium technical support, and more. You can compare versions here. If you want to watch a video on how to setup LastPass, check it out over here.

The way it works is simple: You create an account, download and install the browser add-on(s), and set a master password. Then, as you cruise the web, LastPass will offer to remember passwords for you. Better yet, it’ll sync those passwords to other computers (including your phone) for you if you are signed on. All you’ll ever need to remember is your master password. Everything else is done automatically for you.

If you create a new account on a site LastPass will offer to generate a secure password for you and save it. Then, when you login in the future, your super-secure password is re-entered by LastPass. You don’t even have to know what the site’s password is so long as you are logged into LastPass. It’s amazingly simple yet powerful security.

Please, check out LastPass or any other password manager you;d like. Using a good password manager such as LastPass will help you to stay safe and secure on the web!

*I do not get any money from LastPass, they are not a sponsor of this site, and I am not paid in any way for this endorsement. They just make a quality product that I highly recommend using.