Too many passwords? Getting started with a password manager!

padlock

Are you finding that you’ve started to use one password for multiple websites/programs to login? Well stop!

You should always use a different password with every website/application regardless of how strong your password is. As we’ve seen in the past that many big well known website have been compromised including Gmail, Amazon and Playstation Network. The passwords have been released into the public, these are usually encrypted but it’s only a matter of time before they are cracked, even when protected with unique salt and hashing it’s not impossible given enough time. It’s very bad practice┬áif you use the same password on multiple sites as these could then be used to hack into your other accounts.

If you find you’re struggling to remember each of your passwords for every site and application then a password manager is for you. This allows you to have long, secure passwords without the worry of struggling to remember them. There are two kinds of password managers, offline and online.

While both of these have advantages and disadvantages relating to security, it may be advisable to have an offline password manager that does not connect to the internet. There is always the chance that the online password storage sites gets hacked, and encrypted passwords could be leaked, though it’s unlikely given the security measures employed. You should bear in mind though that for using an online password manager you will have one master password to remember, this should be long, complex and unique to you to ensure security.

Password Manager Recommendations:

Offline Password Manager: Keepass

Online Password Manager: DashLane (6 months free)

For online password managers we recommend enabling Two Factor Authentication as this adds an added layer of security to your passwords. There are various different types of Two Factor Authentication which can vary from having to enter it every time you attempt to login or every time you attempt to login on a new PC, Browser or Phone.

Two Factor Authentication will either send an authorisation code by email or text, there is another type of authenticator which is synced up with your account and will display a randomly generated code for 30 seconds. After the 30 seconds is up the code will expire and will no longer grant access to the account. A very common type of this application is Google Authenticator.