Password Managers (update) [howto]

Password Managers are an easy way to avoid the pitfalls of using the same password in many places, since when one of them is breached, someone will have your password for all the other services where you use the same password.

http://www.csoonline.com/article/3198507/security/the-6-best-password-managers.html
I also encourage you to google “password managers” and see what features work better for you personally.

Of course, access to this vault must be as well protected as you can make it since all your family jewels are there.   You can use 2FA (two factor authentication)  or even something as simple as a paper notebook that you keep in your (locked) desk drawer.  The nice thing about paper is that it is not remotely hackable (there is no electronic record unless your computer can open your desk drawer, open the notebook, and look at your written notes).    Warning:  household robots will be able to do this soon (ha ha), so before you buy or lease your robo-butler/ robo-maid, make sure his/her security is good.

Some of the recommended ones are convenient, and sync across your multiple devices (laptop, phone, tablet), but that generally means if one of them is attacked and breached, it might not even be your own error or sloppiness.  Even highly rated tools such as LastPass was found vulnerable as recently as July 2016, and the good news there is the weaknesses were found by researchers instead of criminals and was fixed early on.  That’s what was reported in the news.  What’s the takeaway?  Sometimes a clumsier password manager that does not depend on an online storage and synchronization, won’t be vulnerable to the online service being hacked.  One strategy is this – for example:   Use a standalone manager such as PasswordVault on your PC and android, and use a file sharing service (box.com, dropbox.com, google docs, onedrive.com) to synchronize the file itself across your platforms.  This way, only you have access to the passwords in your vault.

Advertisements