The internet and information security is not a new topic, but it's a great time to review your security settings. It usually takes a catastrophic event to cause people to take it more seriously. The alleged Instagram hacks that have been reported are a great wake up call.
I will share my thoughts and methods for online security, but also extreme security happens to come with a huge workflow and a time saving boost.
Many people will use the same password for multiple accounts, this is when you can really get into trouble. If one of your accounts is hacked, usually many follow due to this. So the first step is to use different passwords for all your accounts. Then comes the challenge of how in the world do you remember what's for what? Then, to make more secure passwords, it's very helpful to use cryptic passwords, which in turn makes it even tougher to constantly enter as you log in, etc.
My method is broken into two parts.
- The generation of cryptic passwords
- How to efficiently log in with them
First the generation, I use Gibson Research's password generator.
It's great because you can generate a few different types of passwords. I will often select a part of the generated password, if I don't want to or the particular login credentials have a character limit. Each time you refresh this page, it generates new passwords. These passwords are incredibly secure and for all intents and purposes impossible to "figure out". A "brute force" password cracking method running on a powerful server might take 200+ years to crack one... I think you're safe with it.
Second, I use a plugin called LastPass.
It is a secure password manager, since it is their business, they are VERY secure against hacking. The beautiful thing about LastPass is that it works across multiple devices. S your desktop, laptop, phone, and iPad can all log into any of your accounts from anywhere with this plugin. Clearly you will need those devices to be secured, such as the fingerprint login security, in case you were to lose one of the devices. Should you lose a device, it's simple, change your LastPass master login credential, and you're instantly safe with all your passwords, provided you do this quick enough. The alternative is to have your devices not remember the LastPass master password, and you would enter that one password in, one time only when you log into that device and enjoy access to all your accounts.
LastPass, once you get used to it comes with a bunch of hidden little gems of productivity. Such as if you forgot the password to your Playstation Vue TV service, and you wish to log in at home from your Amazon Fire stick (which does not have access to LastPass), you can go to LastPass in your browser and copy the password from any account and paste it into a plain text document, and see the password.
It's worth noting that LastPass does have it's own password generator. I have been using GRC for so long that I am comfortable with it and I like the passwords it generates. You can't go wrong either way.
As I repeatedly say, I am a very big advocate for making every little thing as efficient as possible. This is great, because think of all the places we log in, Banks, Photo Labs, Blogs, multiple social media platforms, fantasy football, and so much more. By using these methods, you can have 30+ character cryptic passwords that are very difficult to crack, have a different password for each account, and log into all of them faster and easier than ever. It's a win-win all around that I have been using for years.