Those who surf the Internet a lot and take advantage of the convenience of online services, probably sign up for multiple sites, each time registering their login username and password. Over time you will have a growing list of accounts and services, each of which requires a password to enter. The problem is therefore to keep the passwords in a safe place to avoid losing them and to use strong and complex passwords to prevent some hackers from discovering them. The rules for choosing safe passwords that are impossible to discover are, briefly, the following:
- Use a complex password containing numbers, letters and special characters;
- Change it every month;
- Do not use birth dates or names of relatives
- Don't use the same password for all accounts.
- Avoid using the "Remember password" feature of browsers.
For this you need to find a more realistic, comfortable password management strategy that keeps accounts safe, without slowing down every operation.
In another article, we saw the best ways to create secure passwords that are easy to remember .
One of these is to use an app to manage passwords, using a service or program that stores access data and protects them behind a single main password that becomes the only one to remember. The best online service is LastPass which allows you to create a protected account in which you can write all your passwords and use them automatically every time you connect to a site.
LastPass, of which I spoke in the article on how to memorize access passwords to websites in a secure way, is, in fact, a program for Windows, Linux and Mac and a plugin for Internet Explorer, Firefox, Chrome and Safari browsers, Opera and also for iPhone and Android phones. LastPass stores online passwords in an encrypted form.
When you connect with LastPass, the encrypted file that contains all the passwords is downloaded to your computer and decrypted only locally and only if you are authorized. This type of service also helps to manage and remember other important information, notes, notes and even PINs and codes not related to websites. Account security can then be strengthened with the double-verification authentication procedure via mobile phone, which ensures complete protection even if a stranger becomes aware of the main password.
Even if you don't trust this online service, you can always use it to save the less important passwords and remember only the fundamental ones such as the home banking password or the Email address. The same thing can be achieved by using the Google Chrome browser by storing passwords and covering them behind the Google account.
Alternatively, if Lastpass or other online solutions were inconvenient or if you do not have full confidence in a cloud service, you can use a program that securely saves all authentication credentials to web accounts, on your computer . The disadvantage is that, in this way, it becomes difficult to carry the database with the list of accounts to access also from other computers (even if you can always carry the program in a USB stick).
The best free program to manage passwords on your computer is Keepass, which I described and explained some time ago.
KeePass performs the same functions as LastPass but runs on your PC and does not store all online data on external sites and servers.
You can also use Keepass in combination with an online file storage service such as Dropbox to synchronize the protected file with all passwords and be able to use it from multiple computers together.
As for how to create passwords for the various accounts, it is absolutely necessary to have your own algorithm or mental process that no one else can understand. Instead of having an identical password for each account, you can think of a basic password and change it based on the name of the website. For example, you could start with a basic password such as cfg345l & and then, for Facebook, make it become Fcfg345l & K, for Gmail Gcfg345l & L and so on. Whatever method you use, the important thing is not to always use the same password and, on the contrary, not having to remember different keys for each website .
If no effective mental algorithm comes to mind, you can always take advantage of an automatic password generator.
For example, the SuperGenPass bookmaklet is an algorithm implemented as an extension for the browser or bookmarklet.
It creates a main password that must be remembered and then, for each account, a different key is created which is impossible to discover.
These passwords are not saved neither online nor on the computer, they are simply extracted from the SuperGenPass algorithm. Simply install the generator on every browser you use and use the same master password everywhere.
Another very good password management program is free and open source Bettercup for Windows, macOS, Linux, Firefox and Chrome. The program does not store passwords in the cloud, but locally on the computer or mobile phone or they can be saved online on one of the supported cloud services such as Google Drive and Dropbox. Buttercup can import the password database from other programs such as 1Password, KeePass, LastPass.
Clearly not all passwords are important .
To simplify your life, you can manage access to accounts of little used sites, which do not contain sensitive information and which do not concern money, using the same password or writing them down on a sheet of paper (what not to do for bank accounts, the Email, Facebook). For example, for a long time, I used the same simple password every time I registered for newsletters, photo editing sites and other web applications that need registration.
To find out how long it takes to catch a password for an automatic or brute force scan program, you can test to see how long it takes to find out a password.
Finally, I remember the article on the most used techniques to steal passwords on the internet to understand how easy this can be even without being professional hackers.
READ ALSO: Manage passwords saved on PC and mobile phone with Google Chrome
