Having unique, complicated passwords for each of your accounts is an essential element of online security. However, remembering all of your passwords can be a difficult task for many people, which is why so many people use online password managers, which store all of your passwords for you. These companies, however, are tempting targets for identity thieves. In 2015 I told you about online password manager company LastPass suffering a data breach in which customers’ email addresses, password reminders and encrypted master passwords were taken. Last year there were initial indications that LastPass had been hacked although it was later determined that no individual accounts were hacked. Rather, cybercriminals appear to have attempted to use the master passwords of LastPass customers to access their accounts and gain access to the passwords for all of the sensitive accounts of LastPass customers. Fortunately, LastPass recognized that the attempted access to the accounts was coming from Brazil and determined that what was happening was that due to data breaches at other websites, passwords used at those websites were compromised and, in the situation where LastPass customers used the same password for multiple accounts, they put themselves in jeopardy. Recently, however, we learned that LastPass was again hacked and 33 million people had much personal information stolen that could lead to identity theft.
In 2018 researchers at Aalto University and the University of Helsinki discovered security flaws affecting the technology used by all of the password managers. The researchers disclosed their findings to the affected companies which took steps to remedy the problem, but the bottom line is that while using a password manager is helpful, it will always be a target of hackers and you may be more comfortable using unique, complex passwords for each account that you can readily remember without using a password manager. This is not as difficult as it sounds as you will read below.
First, if you are interested in using a password manager, here is a link to an article from PC magazine that compares many of the legitimate password managers available to you. https://www.pcmag.com/picks/the-best-password-managers
If you do decide to use a password manager, you should remember not to use your password manager master password for any of your other accounts. You also should use dual factor authentication so that even if someone were to gain access to your password manager master password, your password manager account could not be accessed.
However, if you would like to use the helping hand you find at the end of your own arm and generate unique, complex passwords for each of your accounts that are easy to remember, here is a strategy that is very effective. You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords that has capital letters, small letters and a symbol, add a few symbols at the end so it may read IDon’tLikePasswords!!! and then adapt it with a few letters for each particular account you have so that you will have a secure and easy to remember password for each of your online accounts. Thus, your Amazon password could be IDon’tLikePasswords!!!AMA.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”