When my friend, Alex, asked if I’d consider writing blog pieces, I thought I was pretty content sticking to the 140-character limit. After a few days, I considered the possibilities of building on those short spurts of ideas and thoughts… but then came up with just a few 4-letter word phrases.
Last night, I couldn’t sleep so as I lay in bed, my brain decided to come up with some blog topics. I came up with a long list of great ideas but could only remember a handful by the time the alarm went off. So a topic which is quite familiar and near to my heart…
PASSWORD MANAGEMENT
There’s a great article from PCMag titled “The 25 Worst Passwords of 2011” (http://www.pcmag.com/article2/0,2817,2383890,00.asp#fbid=NbjVjDnCX9F). For at least half of the passwords on the list, I can match at least one of my users (people I work with) to that password. Probably even worse, I know how many of them “manage” their passwords: 1) in a notebook stored in a drawer, 2) on a sheet of paper under their keyboard, 3) on their desk calendar in plain view (it’s true, people still use paper calendars), and 4) (the winner) on a sticky note posted to their monitor or somewhere else in their workspace, also in plain view.
I’ve given up proselytizing – they are people who begrudge change, and mostly I feel sorry for them. There is absolutely no possibility of embarking on a single-sign-on project in this environment. The systems they access are a mixture of internal and external systems, law enforcement agencies and private security companies, and each system requires its own set of security credentials and its own password policy. They have too many user names and too many passwords to remember.
For those who are more open to change, these are some of the recommendations I’ve made over the years:
1. Use the Notes function of Outlook to store user names & passwords.
2. Use a smartphone or special app designed to manage passwords.
3. Use LastPass (https://lastpass.com/). File this one under “Must Have Products (FREE)”.
4. Use a pass-phrase, like a complete sentence. Better yet, use a phrase in a foreign language!
Notes Function of Outlook
This is probably the simplest solution to use in an organization that uses Microsoft Office. You can use a single “sticky” for all of your passwords or use different stickies for each account. The stickies can also be color-coded. For those who don’t use Microsoft, Google Docs or other similar cloud-based solutions offer something similar in the form of documents or spreadsheets in which to manually manage accounts.
Smartphones
Most smartphones or PDA devices now come with a password management application built in. If not, many apps can easily be downloaded and installed. Most organizations that use Microsoft would also use an Exchange server, which synchronizes Outlook data to the smartphone. In my case, almost all of my Outlook data, including my sticky notes, is accessible on my Blackberry. I learned recently that the iPhone does not natively sync the sticky notes data, so my buddies who have gone to the dark side have had to get creative with accessing their notes. However, no matter which device you use – this is important – the smartphone should also be password-protected to prevent any unauthorized viewing of your data.
LastPass
One of my favorite things since the creation of the World Wide Web, LastPass is a web-based password management application that’s designed to work with any web browser and any operating system, and is easily downloaded from lastpass.com (http://www.lastpass.com). Like many geeks I know, I’m way too cheap to pay $1 per month for the Premium version, so I can only discuss the free version.
This little gem is a browser add-on and works beautifully with web-based authentication, e.g. web banking, Outlook Web Access, and other secured applications you access on the internet. You remember one super-secret password to access your master vault. Once you get there, it will automatically log in to a website you access or prompt you first, whichever setting you chose when you added the website to your vault. If you access a new website, it will ask whether you want to save the site to your vault.
I also use it to remember passwords to non-internet-based applications. I just access my vault and click the “show password” link. In addition, I use LastPass as a convenient bookmarks organizer since it saves the URLs of the websites I visit.
Passphrase
Finally, in the past decade, many security experts have recommended using longer passwords or pass-phrases, which are harder for would-be hackers to crack. Obviously, you want to avoid words you can’t spell, like supercalifragilisticexpialidocious. One of my colleagues thought it would be funny to reset my password to that word, but I used it for a while till I finally got tired of it.
For example, the sentence “my husband’s football team is the 49ers” could be used as “Myhusband$footballteamisthe49ers” – this passphrase has a good combination of length, upper case, lower case, a numeral and a special character, and it’s easy to remember.
One of my favorite practices is using a phrase in a foreign language. “Si, va bene, lo prendo” is Italian for “yes, that’s good, I’ll take it.” My husband was fearful when I learned that one while we were in Italy. The passphrase could be “S1vabeneloprend0” (easier) or “S1v@b3n3l0pr3nd0” (tougher).
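To put numbers on the “easier” vs. “tougher” distinction, here is a small checker I added for this post (it is not from the PCMag article or from LastPass). It estimates the brute-force search space of the passphrases above from their length and the character classes they use, and flags anything that is just a well-known weak password with digits or punctuation tacked on; the short weak-password list is a constructed sample, not the real PCMag list.

```python
import math
import string

# Constructed sample of well-known weak passwords, standing in for the
# PCMag list linked above (assumption: the real list is longer).
WEAK_PASSWORDS = {"password", "123456", "12345678", "qwerty", "abc123",
                  "monkey", "letmein", "football", "baseball", "welcome"}

CLASS_POOLS = {
    "lower": string.ascii_lowercase,   # 26 characters
    "upper": string.ascii_uppercase,   # 26 characters
    "digit": string.digits,            # 10 characters
    "special": string.punctuation,     # 32 characters
}

def char_classes(pw):
    """Return the set of character classes that actually appear in pw."""
    return {name for name, pool in CLASS_POOLS.items() if any(c in pool for c in pw)}

def naive_bits(pw):
    """Brute-force search space in bits: length * log2(size of the pools used).
    This is an upper bound: an attacker who guesses whole dictionary words or
    common leet substitutions has far fewer candidates to try, so a long
    sentence gains more from its length than from its substitutions."""
    pool = sum(len(CLASS_POOLS[name]) for name in char_classes(pw))
    return len(pw) * math.log2(pool) if pool else 0.0

def assess(pw, min_length=16):
    """Summarize a candidate passphrase against the post's advice."""
    low = pw.lower()
    # "football123!" lowercases and strips to "football", which is on the list.
    stem = low.rstrip(string.digits + string.punctuation)
    return {
        "length": len(pw),
        "classes": len(char_classes(pw)),
        "bits": round(naive_bits(pw), 1),
        "known_weak": low in WEAK_PASSWORDS or stem in WEAK_PASSWORDS,
        "meets_length": len(pw) >= min_length,
    }

if __name__ == "__main__":
    for pw in ["Myhusband$footballteamisthe49ers", "S1vabeneloprend0",
               "S1v@b3n3l0pr3nd0", "football123!"]:
        print(f"{pw:34} {assess(pw)}")
```

The 32-character football sentence roughly doubles the bit estimate of the 16-character Italian phrase even in its “tougher” leet form, which is the point of preferring length over clever substitutions.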
A good password or passphrase doesn’t have to be completely obscure, but just enough to keep you and your data SECURE.
