Yesterday, there was news that LinkedIn was hacked and six million passwords leaked on the internet. There were two main concerns for users:
1. Someone could log in to your LinkedIn account and make contact with your connections. LinkedIn is primarily a business network site and so the concern was with the potential damage to your professional reputation.
2. Many people use the same password for most if not all of their accounts online – and so if someone had access to this one password, then changing your password on LinkedIn would not be enough.
There is a growing problem with online security and the buck stops (or at least is shared) by you, the user/subscriber/member. Take a look at these stats:
- The average person has between 7 and 25 accounts that they log into every day. (source)
- People report authenticating about 15 times in a typical work day on average. (source)
- 86% of U.S. companies use password authentication. (source)
- 70% of people do not use a unique password for each Web site. (source)
- Around 82% of people have forgotten a password used on a Web site. (source)
- The top 5 passwords at Gawker (based on released records) accounted for roughly 1 in 4 passwords. The top password, 123456, came in at over 3,000 uses within the dataset of 188,279. (source)
- According to the 2012 Global Security Report by Trustwave, ‘Password1? has become the most common password used in business. (source)
Naturally, one of the reasons people use the same password is so that they can remember it. If I log into between 7 and 25 accounts each day (as per the stats above) then I don’t want to remember 7 to 25 passwords. But it only takes one security breach – and if you are using the same password on PayPal as you do with sites that you have no real understanding of their security.. then you are kinda asking for trouble.
So here’s the solution.
There is software called 1Password. It runs on Windows, Mac, Android and iOS (iPhone and iPad).
This software is a very secure vault for ALL your passwords. These passwords are kept on your PC, your iPhone or wherever. They are stored in an encrypted file that is useless to anyone without your master password. The master password for this vault is the ONLY password that you will ever need to remember again. You keep that password safe and change it every couple of months or so. All of your devices will be able to synchronise so that when you add an login on your laptop, it will automatically be on your iPhone. Genius.
Here’s a summary of the features:
- store multiple types of logins and accounts – including software licenses.
- automatically fill in login forms for you (you don’t even need to copy and paste)
- synchronise to all your devices
- passwords are stored in local file – not on server – so you have control
- password file encrypted with military grade encryption – more details can be found here: http://help.agilebits.com/1Password3/security.html
So. What you need to do is purchase this software and install on your devices. Set up synchronisation via wifi (Mac-only) or dropbox. Start recording every login as you need it. Then – if the password you are using is your “standard” one — change it!
Remember – you don’t need to ever remember this password and so make it as secure as possible. I use the Generate Random Password too found here -> http://www.pctools.com/guides/password/ and set the Password Length field to 14.. then press generate and just use what ever it gives me. When you register on a new site – create a new password. Stop using the same one.
When every site you visit has a unique and strong password, you will never have to worry again about hacking attacks like the one on LinkedIn. Just remember to keep your master password safe and change it regularly. You now only have one password to remember.. just like you wanted.