Password management can be tricky. It’s hardly news our world is becoming more “digitalized”. That’s both exciting and terrifying at the same time. Millions of data is compromised daily and although (some) companies and services now force their users into picking safer Passwords, many still don’t have safe Password requirements. Several account verification possibilities have also been introduced, such as face and fingerprint scanners, two-factor authentication, and more.
Since people are generally too dumb to come up with a safe password brands such as Facebook and Google are forced to work immensely on security and authentication safety. But there is another reason too. The Internet is filled with bad guys and girls, that will go a long way to breach anyone’s security.
You are a target, I am a target, we are a target. Sometimes we are compromised without even finding out, perhaps you have been pwned already?
In this topic I’m going to talk about strong passwords and password storage. What defines a strong password though? According to Google a strong password meets several criteria’s. Such as combining different types of characters, upper and lower-case letters, special characters, and length. I think a lot of people are reluctant to using a strong password because they believe that they’ll easily forget it. And they are also lazy. To get some perspective you should ask yourself “What might the consequences be if my password(s) is compromised?”.
Another thing that people are generally bad at is password storage, while many will never have to consider storing a password somewhere as it’s something that they remember instantly, they won’t have to worry about it. That is a bad idea. You don’t want to be emailing passwords, nor do you want to store them as plain text on your computer or in your mobile phone. Passwords should only be stored in an encrypted environment. If you happen to lack one, it’s much better storing your password on a piece of traditional paper.
If your own passwords and accounts are at a higher risk of being compromised due to weak storage – which can possibly cause irreversible damage for your own self – it might be a lot worse if anything were to happen to your client’s password in your possession. Presuming you do have clients, and that you have access to some of their accounts for let’s say, marketing purposes. Right now, you must accept the fact that you too are vulnerable, and remind yourself of what the consequences might be if your password was leaked and you were unable to fix it quickly.
Making a strong password
My recommendation will be that you use a password generator, over trying to come up with something yourself. If you turn to a password generator such as Norton you can choose the standards for your new passwords. At first, I thought the same as you do; “I am never going to remember this”. But my initial strategy was simple, have my password written down on a piece of paper, and after having used the password a few times every day for a couple of days it stuck like glue.
Then I didn’t need the paper anymore, but I kept it just in case I would have a sudden loss of memory. Safest practice however, is if you have different strong passwords for different logins. That means your password wouldn’t be the same on Facebook, Gmail, Instagram, Twitter, they’d all be different. My Twitter gets compromised? Alright, I can make a recovery there and I might not have to worry about my other accounts since all my passwords are unique.
Luckily if there’s an unauthorized logon attempt bigger networks like the ones mentioned above will notice this and restrict access. Unless the intruder has access to your email or cell phone, he or she shouldn’t be able to breach the restriction. But there are still countless of websites that doesn’t utilize this kind of security system so at some point you wouldn’t be safe anymore.
The next step for passwords
So, you have realized that it’s a headache keeping multiple strong passwords in your head and from time to time you confuse them. It takes longer to login because you’re stressed or forgetful. “What if there was a tool that could do all of this for me?”, right? It might just be your lucky day, that is if you are unfamiliar with password managers.
Essentially a password manager will store all your passwords in a heavily encrypted environment, non-accessible even to those offering the service. Plus, generating strong passwords for you and saving them so that you don’t have to worry about remembering them. All you must remember and preferably have written down on some discrete piece of paper, is a master password.
The master password is a “one key to everything” type of thing. You’ll authenticate to your password manager obviously using the master password, and then the application will let you access your data. The best password managers have apps for your phone, browser extensions, etc. that will (provided you are logged in) automatically authenticate you and ask whether you want to save a new password. Say farewell to typing in passwords, as your password manager will do that for you. Besides, you can store other sensitive information such as notes and bank accounts as well.
By now you are probably very eager to get your hands on one of these passwords managers to carry with you. So, let’s jump straight into the password management tool that I am currently using.
First, I am not affiliated with Dashlane. It’s just a tool which I was fortunate to find while searching for a good password manager. What made me go with Dashlane was its user-friendliness, compatibility, and promised safety.
If you are on Linux you can add it as a Mozilla extension which works just fine. Having it as an app in my iPhone is incredibly smooth and it syncs between devices, too. While I could probably write a three-page review about this I am going to simply leave the link here for you to explore further if you find this interesting.
The only thing I dislike so far (having used it for almost a year) is that sometimes when logging out from a site and is returned to the login screen, it will log you in again automatically. But I am confident there’s a setting to disable that, I’ve just not bothered to check as I’ve gotten used to logging out twice every now and then.
It’s also a bit annoying that the bulk password changer works on limited sites and not so many major ones. It’s understandable some companies disable third party applications to change a password though, hopefully there will be more of this soon. Being able to bulk change passwords across multiple sites – what a dream that would be!
Alternatives to Dashlane
All in all, I am not saying you must go with Dashlane. There are plenty of highly rated password managers out there, but as I haven’t used or experienced them I cannot give you any specific information. I think there’s a small difference in general between the top-rated password managers, and that you will be fine with either of them.
Keeper is a tool with the same purpose that you might want to check out as well. You do get a free trial before having to decide whether you want to buy a license. If you ask me it is a cheap insurance for your safety and privacy online, and especially if just like me, have a lot of accounts and passwords to keep track of.
Bottom line is: use a password manager!
I’ve made it a habit to only store passwords in my password manager, that includes client passwords which I may store there temporarily for the time that I am going to have access to their accounts. After that, I give them a recommendation to change their password just for the sake of it, should it be that I no longer work together with them and there is no reason for me to know their password.
The ideal concept is if you are not given client passwords since it’s usually not necessary; AdWords accounts can receive invitations and WordPress websites can have more users. But the reality of that might be a bit different at times, depending on your client. Always recommend an invite or second user over having to potentially guard yet another password.
The post Password Management for Yourself and Your Clients appeared first on AVONCY.