During a recent morning on 3740 kHz we discussed the two big Yahoo email breaches and the need for effective password use and management. A detailed
Q and A about the Yahoo breaches is available in
this article by Brian Krebs. Today we depend upon online accounts for many purposes. Our most important accounts (e.g. finance-related) must have strong passwords that are not reused at other sites. A good way to meet these requirements is by use of a password manager. (Paper records are also popular, but require manual typing of login details and secure handling.) Below are links to two (of many available) password manager programs that have good reviews from security analysts and journalists. Both are free and have versions for Windows, Mac, Linux, iOS and Android. If you have not used one, I suggest that you try one with one or more of your existing logins to explore the features.
You can find these and
many others reviewed in many web articles such as the following:
Several programs provide
automatic fill-in of username and password
blanks on web sites that you log into. Some or most can use secure cloud
storage to make it easy to access your password data from multiple
computers or mobile devices. These programs can also generate a complex,
random unique password of any length to use with each online account.
Note that use of any password manager requires you to choose a
strong master password since it must protect all of your stored passwords.
For additional security you should consider
two-factor authentication (2FA) which requires entry of an additional piece of information when a login is attempted from a previously unknown device. This is strongly recommended for online accounts that involve your financial matters. Below are links to articles that discuss how two-factor authentication works and why you should use it.
At the very least, you should make sure that your important / finance-related online accounts use
unique and long passwords. Password complexity is important too, but if you must sacrifice complexity, use longer length. For an appreciation of the importance of password length see
this article by Steve Gibson. With a password manager you can use long and complex passwords since you are not burdened with manually typing them in at each login.
Your comments and questions are welcome.
John
No comments:
Post a Comment