Following on from my blog post on beefing up WordPress Security I’m going to talk a little about passwords and password management. You may have forgotten your username or password for your account at one stage or another?
Well lets face it you’ve got a lot of usernames and passwords. You’ve got your email password. You’ve got the Control Panel login username and password? Maybe you’ve got multiple accounts if you’re a web developer / designer. You’ve got the webmail username / password .. you’ve got the FTP password for accessing your site and maybe you’ve got a WordPress login username / password as well? Running Google Analytics on your account? you’ll have a google email address and password as well .. PHEW!
If you follow tech news then you’ll probably know that there’s barely a day goes by in recent times that a major breech of a website occurs revealing countless usernames / passwords (whether encrypted or not ) and a host of other details.
If you think about this happening and a hacker of these sites being able to see / decrypt your password then they possibly have a lot of details about you. Your email, username and it’s probably safe to assume for the most part that you use the same username/email address on most websites? A lot of people also tend to use the same password on many of the websites they use or a slight variation on it. Maybe you’ve got one password for the various forums you use? If one is compromised they potentially now have access to a lot of the systems you use.
Of course you may be quite happy using the likes of Firefox password management to store your passwords? I can go to Firefox -> Preferences -> Security -> Saved Passwords … and Show passwords … that anyone with access to your computer can do? Though you are using a master password on there right?
So assuming you want more what can you do? Choose a ridiculously complex password for each site?
Well what if I told you it’s easier than you think and no you won’t end up with the situation where you’re thinking “What the hell is the password I used on that website?”
Enter LastPass which is a pretty powerful password manager.
You give it a master password and it can store all the access details for the various websites you use.
It also stores all the details in an encrypted format which is uploaded to its systems so without your master password it can’t be accessed.
Please make sure you never forget your master password.
So at a glance … visit your preferred website in my case it’s boards.ie and I’ve 1 account on there and I get the option to autofill my username and password. Have multiple accounts for the Blacknight Control Panel you’ll have multiple options.
Need to generate a secure password? It’s just a click away and you choose how complex the password is going to be.
You can choose the length characters and various other options.
On a different machine? Not a problem install LastPass in the browser on the different machine and you’ll be able to sync your details.
The free version gives you all this. The premium version at a cost of $12 gives you the ability to use LastPass on your mobile device so you can log into your apps and websites with ease.
Don’t like the idea of storing encrypted details in the “cloud” there are always other options such as KeePass.
Personally it took me a day or two to get used to LastPass and now I simply can’t live without it.
Add notes for website / FTP details and so on it’s all encrypted until you unlock it and you control the security of LastPass and when it prompts you to enter your master password.
LastPass will import your existing passwords. It’ll tell you when you’re using the same passwords on multiple sites so you can go about fixing that. It’ll generate secure passwords you can use. It will prefill login and registration forms and let you choose alternative accounts quickly and simply. What’s more if you’re using the premium version you can share sites and access with friends and family who are using it as well.
My personal advice for password management it’s hard to beat. Install it today 🙂