Researchers claim that it is a lot worst than Heardbleed.
It is a Bash bug that allows almost anyone to execute commands to a remote machine.
For more about that here.
When these bugs get exposed, fear push us to security.
And as Batman says, fear is a tool!
Since then, 1Password’s sales skyrocketed!
Same thing with other passwords managers for sure. And why is that?
We mostly use one or two password everywhere, they are probably in the dictionary and our safeguard is that digit or character we change each time.
It is known that passwords are a bad authentication method.
There are so many weird things going on when you want to be safe with them…
You have to remember a very long string of case sensitive jiberish with symbols and numbers.
Multiply that by all your accounts and you get 100+ such strings to remember. The guy from Rainman would have gotten dizzy.
This is where password managers come in.
These are tools that help you automate and secure your password problem.
They offer browser extensions to fill in passwords for you, integrate password generators and monitor when you change your passwords so you don’t forget to update your database.
Your passwords are stored in a database that stays encrypted and decrypts when needed.
Whichever manager you choose, it must have a mobile app.
We use our phones to do serious stuff so this part should not be underestimated.
The most famous are LastPass, 1Password & Dashlane as far as I know.
One of the oldest. It is the LastPass that you have to remember and it works pretty well.
it is not the most well designed but it offers Linux and even Symbian support and that makes it the most versatile.
It is free for desktop use but if you want the sync features you have to pay $12 a year which is very cheap ($1/month).
On Android the app is a fork of the Firefox for Android browser and it works OK to dig up a password.
Note that your passwords are stored on LastPass servers (AES-256 encrypted though).
What makes it special: A pop up comes up when you want to login in an app that you have a web account registered in LastPass.
The only solution that offers control over where your data is stored Dropbox or simply locally.
It uses AES-256 encryption with a strong autogenerated key that is unlicked by your Master Password.
You can sync between your computer and mobile via Dropbox or via WiFi.
There is only Windows and Mac support on the Desktop and only iOS and Android on mobile.
The applications are very well designed but they don’t offer autologin on apps beyond their included browsers on mobile.
It has a free trial but after that it costs $50 for a one time licence.
What makes it special: The ease of use and the ability to control where you store your passwords.
It is my personal favorite but I am cheap and I use LastPass. It keeps your data encrypted (Yes, that uses AES-256 too) on Dashlane’s servers.
The interfaces are better than LastPass so you are going to use it more and it offers the ability to store Credit Cards and a very good form completion feature. It costs $40 a year which is not cheap.
What makes it special: It has very good apps and it also offers an Android Keyboard to use to input your passwords on mobile. It is safe to believe that this is coming to iOS too.
Google is more aggressively implementing password manager features in Google Chrome. It keeps passwords encrypted proposes randomly generated passwords and to save passwords but is not yet as advanced as the others.
Keeping all your really strong passwords in one place encrypted is better than using the same password everywhere.
Start using a password manager today.