Create Secure Passwords and Forget ‘Em!
LastPass, truly the last password you’ll ever need to commit to memory. Or better yet, write it down in your little black book that you keep under your mattress.
Why You Need it and Why I Love it
LastPass is a password manager that allows you to create, store, organize and share your millions of passwords in one convenient and super secure place that you can access anytime and from any device as long as you have an internet connection.
Last Pass Helps You:
- Simplify Your life
- Forget about passwords forever
- Autofill login credentials when you return to a site
- Save payment profiles to make shopping online a breeze
- Centralize Your Data- see all your accounts and passwords in one easy-to-use “vault”
- Secure Your Data
- Manage Your Team
Now I have always been super skeptical about storing my passwords on some server somewhere, where who-knows-who can gain access to them at any time. But after doing some research, I found that LastPass seems to have all their security ducks in a row.
How It Works
First of all, it is an easy-to-use browser plugin. So once installed and activated, you will see the little asterisk icon in your browser toolbar for easy-access. This icon is grey scale until you are logged in, at which time it will turn to its normal red and white color.
LastPass will also let you know how many passwords it has available according to the active browser window you have open. For example, I am writing this article in a Google Docs page so LastPass is telling me that I have 4 passwords stored relating to my Google account. And when I go to login, I click in the username field and it will drop a menu with my four usernames. Once I choose one, it automatically fills in the related password.
Once logged in, if you find yourself creating yet another account on yet another site, LastPass will ask you if you want to save your new login credentials for that site and with just a few clicks it’s done! And just to make sure you choose a secure password, LastPass has a password monitor that will tell you if your password is weak or strong. If you need help creating a strong password, use the password generator provided. It’s just so simple, why wouldn’t you use it. After all, you only need to memorize your LastPass password from here on out!
Save tons of time & frustration otherwise copying and pasting login details from a spreadsheet when using @LastPass pic.twitter.com/aXiLmrR6b9
— { ae } Design Co. (@aewebdesign) October 15, 2015
“Greek” Security
Next, I want to talk about security, that is first and foremost the most important factor here. After all, if it doesn’t stand up to today’s and tomorrow’s standards then you want to keep your passwords far away from it.
LastPass uses the leading encryption technology, AES 256-bit encryption with routinely-increased PBKDF2 iterations. Now I did a little research on this type of encryption, and well, I may as well have been reading Greek or some other foreign language I’ve never learned. But what I did manage to get out of this research was that this type of encryption is the latest in encryption technology and it means that your data is very well-protected.
Another reason I feel safe using LastPass is because they use Local-Only Decryption. This means that all of your precious data, including your LastPass password, is encrypted and decrypted locally (on your device) before syncing with LastPass. Your key never leaves your device and is never shared with LastPass. Now that’s a big deal and the main reason I was skeptical of using cloud storage for my sensitive data in the first place.
One last security option I like is the ability to add a second login step using one of the many multi-factor authentication options they provide. You can never be too overprotective when it comes to your personal and private data.
Why Do I Need a Password Manager?
Personally, I need a password manager to securely store, not only my private data, but also my client’s data. Here at { ae } Design Co., we need access to our clients accounts like Web hosting, FTP & Website and database administrative sites (just to name a few). It’s crucial that our client’s information is always kept secure.
Another reason I needed a password manager was just to help keep all of this data in one place and neatly organized. With LastPass, I can organize all my information using their pre-defined directories; Sites, Secure Notes, Form Fills and Favorites. And within Sites and Secure Notes I can create subdirectories for each client. That makes it extremely easy to find what I need quickly, and the search feature speeds it up even more!
Secure Notes
Secure notes is another cool feature if you need to store data other than login credentials like bank accounts, social security numbers, passport numbers and safe combinations. With LastPass this information can be accessed from any device. And if you use LastPass phone app, that information is really always with you.
Sharing
LastPass allows you to share credentials and folders with anyone. You can customize permissions on the folders you share but you cannot hide passwords stored in secure notes. So be careful who you share your folders with.
Do your Research
When you are ready to make your life just a bit easier, do your research. Make sure that whatever password manager you choose, it has the latest encryption technology and local-only decryption at the very least. I highly recommend trying out LastPass. The free version is perfect for personal use, but if you need or want more features, at $12 per year for the premium version, it’s hardly a price hike and it includes tech support. That alone is worth the money.
Conclusion
Whatever you decide, I strongly recommend using a password manager. Gone are the days of saving secure information in a spreadsheet, especially on a cloud server. Even if your document is password protected, it’s not encrypted. Passwords are easily hacked and most people don’t use a secure enough password to elude hackers.
And when it comes to sharing, your only option would be to email this information. I recently found an article that sums it up pretty well why this is not a good idea and should never be done;
Once that email message leaves your server, it’s completely out of your control. Before it reaches its final destination, it will be routed across multiple servers, maybe in several countries. You can’t know where it will travel, whose servers it may cross or how long it will be stored on those servers. You can’t dictate the privacy policies or contract terms of all the email service intermediaries. You won’t be able to prevent third parties from intercepting the data–you won’t even know it happened. In other words, there is a heightened risk that the confidential information and attachments you send in email could be intercepted and accessed by third parties. No, using SSL webmail does not solve the problem.
Jim Brashear | Sensitive Email? Things to Know Before Hitting Send
So good luck in your search for the best solution for you. I’d love to hear about what you find and why you chose it. Thanks for reading and do pass this along if you found it helpful. It’s made my life so much easier and we’d love to share the stoke!