Tech Made Simple

Hot Topics: Holiday Shopping & Gifts | Deep Web: Surfing the Dark SIde | GIVEAWAY: Win an HTC One! | Apple iPhone 6

Use It

author photo

The Easy Way to Prevent Password Theft

by on January 17, 2012
in Computers and Software, Computer Safety & Support, Tips & How-Tos :: 20 comments

woman on sofa with computerI used to reuse the same set of passwords for multiple sites and services online. I knew better, but it was impossible to keep track of the dozens that would be required if I had a different one for every site and service.

I had a system, with different levels of passwords for different types of sites. I never reused my bank password, I used highly secure passwords for sites with private data and I used lower-security passwords for general sites that don’t store private data. It wasn’t a bad system, but if one site was compromised and my ID and password were stolen, the hacker could gain access to other sites.

Now I use a password management program, which stores all of my passwords safely under one master password.

The key is to make sure you have a strong master password for your password management program to protect your list of passwords. You’ll want to create strong passwords for each site that you log into as well.

A strong password must have at least 8 characters (the longer the better), with a mixture of upper and lower-case letters, numbers and, if the site or service allows, special characters, such as “!,” “#” and “?.” It should be something you can remember easily. A long sentence works well when you take the first letter of each word and then substitute the vowels for numbers or symbols.

For example: The quick brown fox jumped inside the orange box and slept = Tqbfj1t0b&s

Once you’ve created your master password, you can set up your password manager. It stores your passwords and user names in an encrypted database, enabling you to quickly access them. Once you have your password manager running, it fills in your user ID and password for you.

The free Mozilla Firefox Web browser for PCs and Macs has a built-in password manager, but you need to make sure you create a master password to protect your list. Other browsers — Internet Explorer, Safari and Chrome — can remember passwords for you, but they do not have a manager or master password to protect your passwords, so it’s best to use a dedicated program.

Another great option is to use the password manager that comes with your Internet security software. Our top picks, Symantec’s Norton Internet Security 2012 ($33.28 for 3 PCs on Amazon.com) and Kaspersky Internet Security 2012 ($79.95 for 3 PCs on Amazon.com) both have password managers.

RoboformFor stand-alone password managers, one of the best is RoboForm Everywhere ($9.95 per year at roboform.com), which works with Macs and PCs, as well as iPhones and Android phones. The program can auto-fill just about any online form, including email, name, phone number and credit card information.

I also like Kaspersky Password Manager ($24.95 at usa.kaspersky.com) for PCs. It saves passwords and personal data on your computer or to a USB key that you can then use securely on any computer. It also auto-fills forms and auto-generates strong passwords for you. It even provides an onscreen keyboard to foil keyloggers, for those times when you need to manually input sensitive information. Or try the free KeePass. It's not quite as slick, but it works.

And for Macs (and PCs), check out 1Password ($49.95 at agilewebsolutions.com). The software saves passwords, credit card numbers, account registration information, just about anything you can think of, and auto-fills it all across most browsers on a Mac, including Safari, Firefox and Camino. There's also an app for iPhone and iPad ($9.99 in iTunes) that will sync with your desktop and stop you from having to peck out your passwords on that tiny touchscreen keyboard.

Updated on 1/17/2012

Subscribe to the Techlicious Daily Email!

Get the Techlicious Guide to Great Photography as your FREE gift!

Discussion loading

gravatar

CIO

From Robert on February 18, 2011 :: 12:15 pm

You should mention the free, open source, password manager, KeePass

Reply

gravatar

I agree - KeePass is

From Bill on February 25, 2011 :: 6:50 am

I agree - KeePass is spectacular.  Not only is it free, there are PC, Mac, and Android versions available so my password file can go with my on my phone or any of my computers.

Reply

gravatar

There is also a free

From Ron Ablang on February 19, 2011 :: 9:50 am

There is also a free program called LastPass, but I prefer the paid version of RoboForm better.

Reply

gravatar

Does 1Password have a master

From Pat on February 25, 2011 :: 3:00 pm

Does 1Password have a master password as well?  I’d hate to think that someone would gain access to all my passwords if they managed to steal my phone or computer.

Reply

avatar

Yes. 1Password does have a

From Suzanne Kantra on February 25, 2011 :: 3:15 pm

Yes. 1Password does have a master password to protect your data.

Reply

gravatar

All of you (including the

From Susan on June 07, 2011 :: 7:20 pm

All of you (including the author of this article) are NOT using basic common sense for passwords.
The BEST method for multiple log ins & passwords is to type a list of all the websites you visit & each log in required.  Yes, mine is 10 pages long.
Also it’s a hard copy I keep by the computer.  DO NOT keep this info on your hard drive - portable hard drive is OK.
Guess Americans are too lazy to type several pages of log ins & passwords - no wonder everyone is worried about hacking - but I’m not.

Reply

avatar

Are you making a serious comment?

From Josh Kirschner on June 07, 2011 :: 9:29 pm

One of the most common ways passwords are stolen, especially in work environments, is because people do exactly what you suggest - writing their logins on a piece of paper and keeping it next to their computer. Even at home, if someone were to break in and find that piece of paper (or take your portable hard drive) they would now have access to all of your logins.

Also, to be clear, the main risk here is not “hacking” your computer. It’s the risk that comes from using passwords that are too common and easy for hackers to guess. Typing in complex passwords is tedious, which is one reason many people choose simple ones. Password management programs will do that work for you. Passwords on a piece of paper still require you to do the typing.

Reply

gravatar

Password management

From Robert on June 07, 2011 :: 8:39 pm

Susan above ignores the fact that the 10pages of passwords can be stolen with the computer. Then you’re really screwed. Programs like keepass encrypt the file so it’s safe.

Reply

gravatar

1Password is the best one, but

From Martin on June 28, 2011 :: 7:45 am

like many others, i sync 1Password via my Dropbox, and Dropbox was in the media with some security issues lately ... so the important thing is to keep the sync safe if you want to use your passwords on all your devices

Reply

gravatar

Thanks much for this vital

From richard on June 28, 2011 :: 9:34 am

Thanks much for this vital information.

Reply

gravatar

And then my cell phone number gets hacked

From Auriette on June 29, 2011 :: 1:25 am

I’m not at all in favor of the dual login, at least not if the only other option (as on Facebook) is a credit card number or mobile phone number. I use a prepaid mobile phone, and I’m protective of my number. I don’t want to start getting sales calls or spam texts. I certainly don’t want to give my credit card number when I have no intention of spending money with the service. It’s just one more way to put my sensitive information at risk, and I guess I’ll just have to drop my social media accounts if it comes to that.

Reply

gravatar

Roboform pricing

From Nat Gildersleeve on January 17, 2012 :: 11:02 am

I have used Roboform for years and been very happy.  It was OK to pay $9.95 per year, but in my case, that turned out to be a first year incentive.  When I went to renew it was $19.95 per year. I was no longer eligible for the $9.95 per year price. I switched to Last Pass which seems to have all the functionality I need.  It’s free unless you want to share passwords with your iDevice or Android and then they want $9.95 per year.

Reply

gravatar

Oops. The Last Pass

From Nat Gildersleeve on January 17, 2012 :: 11:09 am

Oops.  The Last Pass premium charge is $12.00 per year, but that also includes bookmark syncing via Xmarks across your devices.

Reply

gravatar

No need to type it in

From Ariana on January 17, 2012 :: 11:27 am

I’ve gotten used to LastPass - I can generate 20 or more mixed character passwords and best of all, no need to type it in, in case of keylogging malware.
Alongside this, I have written the master password (and any others I want) in another alphabet and language in the office, basically undecipherable by anyone else. They’re not digitally stored.

Reply

gravatar

What happens if password manager gets hacked?

From Kathy on January 17, 2012 :: 3:49 pm

Is it possible for a password management system to get hacked? It seems like anything can be hacked. And if it is hacked…does that mean all your info for every account is up for grabs? Just wondering…

Reply

gravatar

RE: What happens if password manager gets hacked?

From Robert on January 17, 2012 :: 3:59 pm

That’s why you need a good password on your password manager so that doesn’t happen.  Some programs store the passwords on the web (I believe LastPass does that) which makes you a little more vulnerable than if it is on your local machine.  Either way, having a really good password is the key to your protection.

Reply

gravatar

Keepass

From blackspear on March 20, 2012 :: 11:34 am

Another vote for Keepass, extremely simple to use and FREE.

Reply

gravatar

Keepass

From OYEUNG on April 03, 2012 :: 12:46 am

Is Keepass strong enough to keep password in one place?

Reply

gravatar

Keepass strong enough?

From Robert on April 03, 2012 :: 7:10 am

Keepass is strong enough (AES encryption IIRC) assuming you use a good master password.

Reply

gravatar

Keepass on thumbdrive

From Freedomaphile on April 03, 2012 :: 6:14 pm

I keep keepass on thumb drives. The Program and the data file easily fit on the smallest thumb drive I have (64 megabites, yes mega not giga). One drive for me, one for spouse, one for backup.

The copy of the master password on the computer is useless without the thumb drive.

Reply

© 2014 Techlicious LLC. :: Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us :: Terms of Use | Privacy Policy

site design: Juxtaprose