Blogs‎ > ‎

In Praise of Password Managers

posted 14 Nov 2015, 02:43 by Andrew at Lycom   [ updated 14 Nov 2015, 02:47 ]
Barely a week goes by without news of a major hack at a large company. The usual story: complex systems + some poor decision-making or change management + inadequate technical skills in some places.  End result = user details and passwords exposed and often sold to criminal syndicates for exploitation.

For a customer, it means your only option is to use a different, and highly complex password for every online account you use. That way, even if (for example) your Talk Talk account gets hacked, you can change the password (Oi! Close that stable door, mate) and hopefully none of your other accounts are affected.

Where possible, you can increase security by using services that employ Two Factor Authentication - Google Mail and various online banking sites are good real-world examples of this.

But how to manage all those un-memorable passwords for the gazillions of online services you use? The best way is to employ a password manager. Not a person, but software that remembers then for you. I have previously spoken of my love for PasswordSafe - which I still actively use, particularly for some work projects. But recently I have returned to an old favourite for home and business use:



Lastpass is IMHO the best consumer password management app. It has more options than you can throw a stick at, great security (including Two Factor Authentication options including Google Authenticator), and best of all has plug-ins for just about everything to capture and release your passwords.

In my case, it means I am able to use it with mobile / tablet and PC to generate and keep all my unique passwords in sync, and not just in Google Chrome - there are Firefox add-ons available too.

There is a free version, but it is well worth upgrading to one of the paid-for subscriptions to enable the additional features.