After “the largest security breach in recent history,” Russian hackers were able to steal over 1.2 Billion user passwords. How are we supposed to deal with these catastrophic events? They seem to occur with regularity now. “A very low percentage of companies store your passwords well and most don’t even know they’ve been breached at all!” The only way to use passwords securely is to have a unique and sophisticated password for each login. “Never trust a website with a password you use anywhere else. Even better, you shouldn’t know your passwords because that way you can’t be phished.”
How do Security Professionals handle the password SNAFU? The answer is they use a password manager system!
Richard from Maximizer got me using RoboForm a couple of years ago, and I think it is great. It is a password manager, and a form filler which I truly love, all for $19.95 per year. It saves me 10 times that in labor by not having to fill out forms. I use the RoboForm Everywhere version because one license allows me to use RoboForm software on all my Windows computers, Macs, and mobile devices (Win Mac Android iPhone). It definitely gives me the best value, and can be purchased here for $9.95 for the first year: http://www.roboform.com/php/pums/rfprepay.php?lic=default_alt&lang=en
I have over 200 unique passwords, 1 for each login, and I never use a password more than once. Here is an eample of the password complexity that I currently use:
They are complicated enough to make brute force cracking extremely difficult. In fact, they are so dificult, that sometimes you can’t type the password in correctly, even though you are reading it! This is the only way that I know to easily keep track of so many “secure” passwords. When using a password manager, the password manager itself should also be password protected, and I back up my password manager every night, as well as my whole system, EVERY SINGLE NIGHT!
Also, there is a great FREE password manager that one of my Engineers has used for years called KeePass. Although it does not have a form filler, it is a great password manager. It can be downloaded from here: http://sourceforge.net/projects/keepass/files/latest/download
I have a few passwords, that I have to remember, that I may use without my computer system. For those instances, a password phrase is the best solution. Here are examples of password phrases:
The statement “I love to watch the Breakfast Club!” becomes the pass phrase “Ilove2watchtheBreakfastClub!” and is using 28 characters.
The statement “I had to eat 12 cheeseburgers!” becomes the pass phrase “Ihad2eat12cheeseburgers!” and is using 23 characters.
The key factor here is to use UPPER and lower case, use numbers, use special characters, and make them long enough to be a pain in their ass!.
What You Need to Do in the Wake of Russian Hackers’ Massive Data Breach: http://mashable.com/2014/08/06/what-to-do-russia-password-hack/
“At this point in time, the Internet should be regarded as an Enemy Weapons System!”