Skip to main content

You need a password manager!

By
Do you have sticky notes all over your desk with ID’s and passwords? Perhaps you have a notebook with passwords scribbled out and rewritten. Or you went the other direction and have nothing!
I run into this all the time. A customer’s hard drive fails and I load Windows or Linux from scratch. When I deliver the computer, they want to be sure they can access their email, Facebook, online games, etc.. They are shocked to find that it does not automatically log in. I often end up spending 2 hours helping customers reset their passwords.
Both Chrome and Firefox have the ability to store this information online. That works fine to store the information in that browser. However, once that browser is configured I have to open the other browsers and import the settings. The data between the various browsers will never be synchronized. “Oh, but I never save my passwords in a browser because it’s not safe, and online is even worse!”
There is a lot of truth to that. So why would you ever trust a password manager to automatically gather your ID’s and Passwords and save them online? One word, encryption. You must remember ONE password that is used to encrypt/decrypt your data. All information is encrypted on your PC before ever being sent across the Internet. “No, I’m afraid someone would crack it.” If the Federal Government trusts AES encryption to keep their secrets safe from China, you can certainly trust it! AES Encryption is very secure when properly implemented. The encryption itself cannot be broken. What can be cracked is your password. Did you know that ANY 8 character password, no matter how complex, can be cracked instantly? Today’s crack utilities employ the graphics card in your computer to do the number crunching. Graphics cards can process numbers far better than any Microprocessor and math co-processor combination. Here’s a little test for you: howsecureismypassword.net. Don’t worry, this does not send your passwords. It runs a little Java program on your computer.
But my computer is managed by my company, I can’t install software. Most password managers have enterprise versions available, that are managed by your administrator. If you work in a health-care or financial industry, password managers help maintain HIPAA and Sarbanes-Oxley compliance. The password manager can generate random passwords that meet your company’s requirements, check the age of your password, and in some cases, even change your passwords for you automatically! If your company is not interested in this, many password managers have plug-ins that run in the Firefox and Chrome browsers. This may be a way around your company’s software restriction. Not that I am asking you to bypass their restrictions. Please verify with your administrator first.
This sounds interesting, but how much will it cost? Some are free, with certain limitations. For example, LastPass is free if you want to use it only on your computer. You can upgrade to premium for $2 per month that will allow you to use it on your smartphone as well. RoboForm is the same, with a free option, and $19.95 per year for RoboForm Everywhere. Dashlane is another option. They have the same free personal option, and $3.33 per month billed annually for use on all your devices.
PC Magazine has reviews of several other managers here: https://www.pcmag.com/article2/0,2817,2407168,00.asp

 Interesting to note, I have both RoboForm and LastPass. I have used them for many years. Neither received an Editors Choice from PC Mag. They recommend Dashlane, Keeper, LogMeOnce, and Sticky. The last two I have never heard of until just now. It just goes to show you how rapidly the digital landscape changes. Even the experts have trouble keeping up. That’s not to say LastPass and RoboForm are not good. I’ve been very happy with them. Why do I have two? Because RoboForm did not work properly on Linux. I filed a bug report with them and it took months for a proper fix. I now rely heavily on these and being without RoboForm was not an option, so I switched to LastPass. However, LastPass did not properly import everything from RoboForm, so I kept it too. Now all my new stuff is in LastPass, so I have both. Perhaps one of these new programs will import everything, and I can migrate back to just one. I won’t include them in this article because it may take a few months for me to test all the features before migrating completely. You see I also use them on my iPhone for my business. They log me into my invoicing site so I can create invoices for my customers when I work on their computers. They each hold hundreds of ID’s and passwords for the various sites I use, include private notes for things like my EIN number, my spouse's social security number, etc. If my wallet were ever lost or stolen, all my credit/debit card information is in them. I could easily contact my banks to cancel the cards. I rarely allow websites to store my card information because the password manager will automatically fill this for me. The same goes for all those website forms that need your address, phone numbers, etc.. The password manager will fill these automatically for me. I have a pretty good understanding of encryption and am quite familiar with Rijndael’s cipher. AES stands for Advanced Encryption Standard. Many people competed to win this title from the NIST to replace the aging and compromised Data Encryption Standard. Serpent, Blowfish, and Twofish are other contenders that in some cases provide even better encryption, but are not as easy to implement, or could not provide the performance. Rijndael was the winner. But data encryption is another discussion topic. Suffice it to say that AES encryption is very secure, and the weakness is the password. My weakest passwords will still take billions of years to crack via brute force attack. Some of my more secure passwords are in the quadrillion or septillion years range. Yes, I trust these password managers to store my information much more so than paper. And if anything is ever lost, I can log on to their website and get it all back. Everyone NEEDS a password manager! They’re inexpensive, easy to set up, and indispensable. I can’t imagine not having one. If you need a little more help, give us a call at 480-382-4761. We’d love to help you. Irwin Electronics makes old computers run like new, and so much more.
Labels:
Location: 20987 N Maricopa Rd, Maricopa, AZ 85138, USA

Comments

Post a Comment

Popular posts from this blog

Privacy Part I - Who's Tracking You?

By
Irwin Electronics   Weekly Digest   Privacy Who’s tracking you? by  David Irwin  on February 5th Okay, so you have Anti-virus and Anti-malware software installed, that’s great. Assuming, of course, your running Windows or OSx. These help to protect you from hackers around the world that want to break into your PC and steal your identity. But what about companies like Google and Microsoft? At least Google tells you they collect data, what they collect, and how they use that data: https://privacy.google.com/your-data.html Some people refuse to use Google because of this, yet they’re using Microsoft Windows and possibly the Edge browser. By default, Microsoft collects much of the same data, and more. Google is an advertising company after all. The more information they know about you, the more relevant the ads you will see displayed. Companies pay Google big bucks to get their ads in front of people that may be interested in their products. Ever searc
2 comments
Read more

Windows Update

By
Irwin Electronics Weekly Digest Windows Update Microsoft’s Updates Breaking Windows Again by David Irwin on January 26 Here we go again. Another Patch Tuesday, and more broken Windows. What a pane in the glass! The past six or seven consecutive updates have broken Windows for thousands of users. Microsoft is aware of the problems and gives a couple possible solutions. What we see happening is you get to your login screen and enter your password. A circle appears on the screen showing the system is busy processing your request. It will circle and circle then drop you back to the login password prompt. You know your password is correct. You do not receive any error indicating incorrect password. This cycle just repeats, and you can never log in. The Microsoft fix is to power off the computer by holding the power button until it powers down. Repeat the boot and power off cycle 2 or 3 more times, and it will launch the automatic startup repair. If that does not work, the
Post a Comment
Read more

Computer 101 - Part I

By
--> Irwin Electronics Weekly Digest Computer 101 Basic terms and navigation by David Irwin on April 28th It always amazes me when I ask someone to open a browser or their File Manager, and they look at me like I'm speaking a foreign language. I guess Computers to many people ARE a foreign language. Once we finally get to that browser, if their favorites are missing, they have NO idea how to navigate! So, I decided to write a quick little tutorial on what to do after you press the power button. What's the power button you ask? I'm sorry, you might need Computer 100. That's next door. We're going to assume you've turned the computer on and entered your password if it asked for one. Now you're looking at a screen with a picture in the background, some icons on the screen, and at the bottom, there should be a bar. Typically there is some kind of Menu on the bottom Left, and a little
Post a Comment
Read more