If you’re like most home computer users, you use the same 2 or 3 passwords for your various accounts and your passwords are easy to crack. As you keep reading news reports about hacked accounts and stolen identities, you think you should do something about your passwords, but you keep putting it off.
Like personal security, password management is something most people don’t think much about until after something bad happens. Unfortunately, the Internet is not secure. Just as you need to be “street wise” when venturing onto streets, you need to be “net wise” – especially with passwords – when venturing onto the Internet. Because, like it or not, your passwords are currently the main barrier between you and the bad guys.
Most password management advice seems designed to torture you as opposed to help you. For the average Joe with average security needs, password management advice needs to be simple and usable, not just secure. Luckily, there is a reasonably secure form of password management that is simple and usable. Here it is:
There are dozens of password managers, including some built into browsers. Many of them do the basic job you need, which is to use a master password and strong encryption to securely store your passwords. More important than selecting the “best” password manager is to use such software wisely. I describe how to use a password manager here (basics and index to password series) and here (tips).
If you’re already using and liking a password manager not mentioned in this post, by all means keep using it so long as it offers master password protection in combination with strong encryption. While most password managers offer password import and export functions, the actual practice of switching password managers and learning a new one is cumbersome.
However, if you’re selecting a password manager for the first time or dissatisfied with your current password manager, you may as well benefit from my efforts to identify the best password managers for individuals. My efforts included extensive use of two password managers and poring through hundreds of reviews, forums, and comments about many others.
In the first post of this series, I describe four steps to secure your passwords with a password manager. This post describes a number of additional tips for using your password manager software most effectively. The “Tips for Standard Use” section is for everyone. The “Tips for Extra Password Security” section is for those who need additional security, with less regard for convenience.
I’ve read dozens of tutorials and guides on how to manage passwords. I dislike most of them for the simple reason that they are far too cumbersome to implement and have you memorize a dozen or more rules without telling you why. The only way an average person will use secure passwords is if it doesn’t take up too much time and attention. Here are a few pieces of advice on password management dissected and dismissed:
Many people don’t understand how easy it is for attackers to take advantage of weak passwords, and therefore don’t use a password manager or other means to make their passwords stronger. This post describes 9 common ways passwords get captured, roughly ordered from most to least common. Proper use of a password manager can thwart some of these attacks and limit damages from most other types of attacks.
According to various studies, most people use the same few passwords for all of their accounts, most of these passwords are weak, and many people don’t realize how weak their passwords are. Using the same 2 or 3 passwords for many accounts is analogous to storing all of your keys under the outside doormat of your locked front door – it doesn’t take much effort for a thief to have access to everything.
In this post, I describe the typical home user system for managing passwords and how attackers exploit this system.
Modern hardware, software, and web services are loaded with useful and customizable features, but figuring out how to use them is usually time consuming. Traditionally, people learn new features or resolve tech issues by following some combination of these time-consuming steps:
Read help files or manual.
Call the most knowledgeable person or relative you know.
Call Tech Support, if available. Wait on hold a long time then talk to someone who may or may not be able to help you.
E-mail Tech Support. Hope that the reply comes soon and actually resolves your issue.
Thankfully, there’s a much faster, more reliable way: Google it.
Google for help first, and you can save yourself tens of hours per year. In this post, I provide specific examples and helpful tips on how to quickly get tech help using Google.
A growing number of people are migrating much of their computing work from the desktop to the cloud, including myself. Why? What exactly is the cloud? What’s it like to work in the cloud? What are the pros and cons of the cloud? Who should consider (or not) migrating much of their work to the cloud?
This post is an attempt to answer these questions from a balanced perspective.
The best upgrade you’ll ever make? It’s not a new computer. It’s not an operating system upgrade. It’s a browser.
NOTE: In 2015 I posted a more current comparison of the latest browser versions, Best Browsers . . .
Most individuals access the web using the browser initially bundled with their computer, and typically don’t update it. Accessing the information superhighway with an outdated browser is like driving today’s roads with a Model T—slow, unsafe, unreliable, and in many places not usable at all.
In this post, I explain why it’s so important to use the latest version of Firefox, Opera, Internet Explorer, Chrome, or Safari—speed, security, reliability, and compatibility. I describe each of these browsers, to help you decide which is best for you. And I lay the groundwork for the next post on cloud computing.