University of Minnesota Extension

Home > Extension QuickBytes > Living in a Password World

Living in a Password World

| Leave a comment
What

Passwords! Seriously, how many passwords do I have? At least a kajillion. It is crazy trying to keep up with all of them. There must be a better way. In this QuickByte, we're going to check out our options for password security!

Why

Just last week, I (and probably about half of humankind) received this email from Linkedin:

We recently became aware that some LinkedIn passwords were compromised and posted on a hacker website. We immediately launched an investigation and we have reason to believe that your password was included in the post.

Dammit! Of course, if I'd used good password habits, that wouldn't be a big deal. IF I'd used good password habits. Which of course I do. Some of the time. Or almost never. Anyway.

Did you know the most common passwords are "seinfeld," "password," and "123456"? 

Are we smarter than a fifth grader? Ha! We need to make better passwords.

True Story: My iTunes account got hacked, which led to $85 of charges I didn't make. Yikes! My husband says, "Good thing that wasn't the same as your gmail password or something stupid like that!" and then he bursts out laughing as I panickedly leap for the computer to change my identical gmail password. 

So please join me in upping my password game!

How

How are you supposed to keep up with a kajillion passwords, while keeping them all strong and also not reusing them? Well, there's an app for that! Several actually.

This genre of app is called "Password Managers." The idea is that you put all your kajillion passwords in a little password manager database and password-protect THAT with some sort of master password, then that manager can show you your username/passwords as you need them or autofill into websites. One Password to Rule Them All, if you catch my Lord of the Rings drift. 

I know what you're thinking. What if my master password manager gets hacked? Typically these databases are protected with super-power encryption, with the idea that they will be much harder to hack than cruddy old Linkedin, especially if you are keeping your virus definitions up-to-date. But yes, in summary, if your master password manager gets hacked (or forgotten!), you are, shall we say, screwed. 

So that's why it's important to pick the password manager that will suit your needs. Please search around if you feel that you have certain password needs. I looked at a lot of apps while writing this article, and I think the best option for most of us out there is Lastpass. Here's why, and these are important things to look for in any password manager:
  • It is free (although they might sucker me into the $12/year to get the iPhone app). 
  • It generates secure passwords (more secure than "seinfeld?" Oh yes indeed.)
  • It syncs to the cloud (you can see your updated info from a number of devices). I like this because I have a lot of devices. How many? A woman never tells. 
  • You can export your data to a text file at any time. This is crucial because you don't want to have all your passwords locked into some proprietary format.
  • It isn't too tech-y. It is pretty easy to use!

Assignment

  1. First of all, go change your Linkedin password! now!
  2. Now go change any other sites that had the same password as your Linkedin password. (no judgement here)
  3. Start thinking about how you should manage passwords! Consider downloading Lastpass.
  4. Leave a comment if you have any good tips for us on password management! Or horror stories, those are always fun too!

Leave a comment