Serving Placer, Sacramento, and El Dorado counties & beyond

Serving Placer, Sacramento, and El Dorado counties & beyond

fbgoogle1linkedin white

fbgoogle1linkedin white

IT News

Latest news posts from your IT Experts at Gravity IT Solutions

When your "regular" password won't work

When your "regular" password won't work
DOES USING ONLINE SERVICES OR WEBSITES FEEL LIKE A HURDLE RACE?
Do you get frustrated trying to remember your passwords? Do you yearn for the day when you had one great password that you could use wherever you needed one? Well, you can go back to remembering only one password, it just requires that you use a new tool. It isn't hard - in fact, you will undoubtedly feel the stress level decrease almost immediately. Read on for an introduction to the once and forever solution..

- no more than 8 characters
- at least east 10 characters
- requires both letters and numbers,
- needs letters, numbers and special characters,
- needs at least one capital letter and one small letter and 1 number and a special character - oh, but not that special character (grrrr)
- you had a great password, but it's been 90 days so you need to update it with a new one (aaaahhhh)

See what they are doing? Are you ready to give up yet? The websites that contain your private or personal information intentionally make it difficult, if not impossible to remember your password. That is the point, of course. If it is frustrating enough, they know you will eventually have to give up trying. At that point, you will start using a secure tool designed for that purpose. You should do this today, before someone "steals your keys" that you are using on multiple internet "doors" and systematically plunder your entire online presence! And please do NOT think of keeping a "password file" either written or worse yet, in a MS Word file or an MS Excel file. That is just a larger "key ring" waiting to be stolen and abused. The best advice is to use a password manager, also referred to as a password vault.

WHAT IS A PASSWORD VAULT?
The first password vault I tried years ago was Memengo (http://www.memengo.com). I wouldn't recommend this one today, but at the time, it was a great introduction to the concept -- remembering one hideous un-hackable "master" password that is used as a cipher key to encrypt all the password data in my password vault. This is a similar approach used by many online password vaults. In this scenario, the data that is transmitted and stored over the internet is unreadable to anyone anywhere but the person looking at the local screen where the master password was entered. So even if the site was hacked, the data is useless to anyone but you. So now you don't need to remember all your passwords... you only need to remember one.

WHICH PASSWORD VAULT TO USE?
After I happily used Memengo for a quite a while, I came to learn that the data could be stored in my own online Google Account data storage with my other Google data using a 3rd party online application called Online Crypto (http://www.onlinecrypto.com/). I preferred this since you have to log into your Google account in order to access the data, and with 2 Step Authentication enabled in the Google account, this meant that only "authorized devices" could access the data, even if my Google password was somehow hacked. This really stepped up the security and yet it was still a free application!
 
Then, I learned about a free, Open Source application called KeePass (http://keepass.info/) which stores the data offline in a database that I possess and control on my own drive. This isn't for everyone, but for those who want that control, the option is there and it is still free. The other nice thing about KeePass is that it has a lot more functionality (automatic username and password cut and paste functions, etc.). These slick features are the only reason I switched from Online Crypto.

There are many password managers available now and I've listed links to  a few below. Some are free. Some are paid. Some synchronize between multiple locations, some don't. I suggest you try a free application with some basic necessary functions to get started and then move to others as your needs become more sophisticated.

Many of the paid applications allow for secure password sharing with other users (like your spouse or co-workers, for example) with a login but don't make the actual password visible so that if you revoke sharing, shared access to the website is taken away without the sharer ever having known what the passwords were. This way you don't have to go through and change the password on every site in the database. Also, most of the paid applications include 2 step authentication in some form or fashion as well as many other useful features.

Like anything that is truly both effective and necessary, the number of password manager applications has bloomed to a staggering number now. The accessibility, functionality and amazing assortment of useful bells and whistles available in the different applications is all over the board, but the regardless of which you choose, the important thing is to do so... and soon.

FREE
- Online Cyrpto                             FREE                                 http://www.onlinecrypto.com/
- KeePass Password Safe           FREE                                 http://keepass.info/

PAID
- Robofom                                     $19.95/Year                       http://www.roboform.com/
- LastPass                                     $24.00/year                       https://lastpass.com/


Connect with Gravity IT Solutions
Do not rush to install Windows 10
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 24 July 2019

Remote Support | Contact Us | Privacy Policy | Web solutions by CitrusKiwi  |  Sitemap

Copyright © 2010 - 2019. Gravity IT Solutions. All rights reserved. | Staff login