Thursday, January 12, 2023

The LastPass Debacle and Password Managers

Passwords are a pain. With all the hacking going on these days, you need to use a different strong password on every site. Keeping track of them is a hassle unless you use a password manager. 

LastPass is one of the most popular password managers. Unfortunately for those using it, they've been badly hacked and can no longer be considered a safe option. If you want the gory details, listen to episode 904 of the long-running Security Now podcast in which Steve Gibson and host Leo Laporte discuss what happened to LastPass and what you can do about it. 

If, like me, you aren't a LastPass user, skip ahead to about the 1-hour 30-minute point in the podcast where they begin a discussion of alternatives to LastPass. From the discussion, it sounds like Bitwarden and 1Password are the top choices.

If you don't want to use a password manager, they offer a simple trick to increase the security of your passwords. From the show's transcript:

STEVE:  And Password Haystacks teaches us the lesson that you can just put a bunch, like put 20 periods after it, and that makes it way stronger, way more impossible to brute force.  And it's, you know, it's not a difficult thing to do.

LEO:  Well, in fact, that is the advice somebody gave.  If you are writing your passwords down and putting them in a little book, is that's not the password by itself.  Add a 10-digit number that you know well.  Always, you know, write it down.  And that will not only lengthen the password appropriately, it will also make it useless if the bad guys find the book.

That's something I will start doing until I can get a password manager set up.  
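To put a number on the padding trick from the transcript, here is an added example (not from the podcast or the Password Haystacks page) that counts how many candidates a blind exhaustive search would have to try. The counting model, the function names and the sample password are assumptions made for illustration.

```python
import math
import string

# Character classes a blind exhaustive search has to cover (assumed model):
# 26 lowercase, 26 uppercase, 10 digits, 33 symbols including space.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")

def alphabet_size(password):
    """Sum the sizes of every character class the password draws from."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))

def search_space(password):
    """Count all strings over that alphabet up to the password's length."""
    a = alphabet_size(password)
    return sum(a ** n for n in range(1, len(password) + 1))

def bits(password):
    """Express the search space as a power of two."""
    return math.log2(search_space(password))

def compare(base, padding):
    """Return (bits for base alone, bits for base followed by padding)."""
    return bits(base), bits(base + padding)

if __name__ == "__main__":
    base = "Dog7!"          # constructed sample, not a real password
    padding = "." * 20      # the 20 periods mentioned in the transcript
    before, after = compare(base, padding)
    print(f"{base!r}: {search_space(base):.3e} candidates ({before:.1f} bits)")
    print(f"padded : {search_space(base + padding):.3e} candidates ({after:.1f} bits)")
```

The count covers blind brute force only. It does not measure guessing that already assumes the padding scheme, which is why the second tip keeps the added part memorized rather than written in the book.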

