Articles in Category: Passwords
As few as three random words make better passwords than strings of random characters — but not, perhaps, for the reasons you think.
Password vaults are a common recommendation by security professionals to improve your online security. Why do so many resist?
A high-level overview of how websites and services should store passwords security, so next time there’s a breach you’ll know what to look for.
While travelling, I signed in to my LastPass account only to be told I needed to confirm an email message that never arrived — or so I thought.
Two-factor authentication is different than passwords, but they both share important recovery steps if there’s a problem.
Six practical approaches to generating passwords, ranked from best to worst.
There are a number of ways to confirm your identity if you don’t have your phone. The catch is that most have to be set up before you need them.
Occasionally people suggest that usernames should be treated like passwords. While there’s some merit to the idea, it’s ultimately impractical.
Two-factor authentication is an important tool to keep accounts secure, but prepare for losing the second factor so you don’t lose your account.
Yes, password managers put all your information in one place. It better be a very good place.
A longer password of repeating characters is more secure than a short complicated password — but there’s more to security than cracking.
The best two-factor authentication approach varies based on your needs, and what’s offered by the service you’re trying to use it with.
LastPass is changing the terms of their free service. Find out if you’re affected, and what to do if you are.
A Google account includes Gmail, YouTube, and much more. If you want to keep those services separate, you’ll need separate Google accounts.
If you’re not using a password manager, you’re likely compromising your security more than necessary. Here’s why using one is safer.
Signing in without a password seems almost nonsensical, yet it can be more secure than traditional sign-ins. More convenient? That depends.
Two-factor authentication is a great way to keep your accounts secure from hackers — even those who manage to get your password.
Using different passwords on different sites is not only good practice, it’s necessary to keep your accounts safe. I’ll review why, and how best to handle a plethora of passwords.
These are oversimplifications of many variations on the same basic question. People want to hack into other people’s accounts, or even their own, for a variety of reasons. Some sound perfectly legitimate. Others, not so much. And others are just blatant attempts at theft, harassment, or revenge. What’s really scary is that I get these requests … Read more
Changing passwords periodically is conventional wisdom. I disagree, and then discuss whether periodic password change can even happen reliably.
For years, the standard practice has been to assume that eight-character passwords made up of sufficiently random characters was enough. Not any more. Not even close.
When you lose your second factor, there are two things to be concerned about: getting into your own account — for which you should be prepared — and someone else having access to your second factor — which isn’t as scary as it sounds.
It’s for your own protection, and the result of fascinating mathematical wizardry. And if they can tell you your password? They’re doing security wrong.
If you’ve lost your password, there are recovery steps. If you’ve also lost your email address, recovery becomes significantly more difficult.
With occasional security breaches at service providers and rampant email account theft, password security has never been more important. Make sure you choose and use secure passwords.
Using a different password for every login is an important part of overall security — and it doesn’t have to be difficult.
Headlines are proclaiming that two-factor authentication has been hacked. That in no way means you shouldn’t use it. Your account is still much safer with two-factor enabled.
Detecting and filling in sign-in forms is a password vault’s most basic feature. I’ll look at how that works, and what to do when it fails.
Security questions are a cornerstone of much internet security. I’ll look at what they are, how they fail, why you should avoid them, and what to do if you can’t.
The results are in for last year’s most common passwords. The implications are depressing, but important.
Trying to recover the existing password for an online account is usually an exercise in frustration. There’s one possible straw to grasp at.
Password are here to stay, at least for a while longer. Until they die, here’s quick review of how to make sure yours are as secure as possible.
Changing your password is a common response to account hacks. Unfortunately, it isn’t enough.
If you discover that your email address is part of a breach, you probably do not need to change it. But there are steps to take to protect yourself.
Password Checkup is a browser extension that tells you if the password you’re using has been discovered by hackers.
Password vaults are good at keeping track of passwords, but not answers to security questions. There is a technique you can use to help.
Losing access to your password vault can be a major inconvenience. Fortunately, that’s all it needs to be, and there are ways to prevent even that.
Effective website security is difficult, and often an afterthought. Not all sites or services store passwords securely.
It’s important to back up LastPass, because unexpected things happen. What you do with that backup, however, is critical.
Your LastPass password vault is full of exceptionally important data. Add additional security with two-factor authentication.
Password-strength meters don’t always agree. My take is to avoid them completely.
So many sites require a password, it’s very tempting to use only a single password everywhere. That’s dangerous, and there are alternatives.
News broke over the weekend regarding a potential phishing vulnerability that could lead you to give a hacker your Lastpass master password.
It’s not something we do often, but occasionally it’s important to be able to change your LastPass master password.
Web browsers aren’t necessarily the most secure approach to saving your login passwords. I’ll show you how to disable the feature and clear out any previously remembered passwords in IE, Firefox and Chrome.
Long passwords are your top-line of defense in internet security. Don’t let any trends steer you in the other direction.
Common wisdom is that you should change passwords periodically; so should you change user names too? My take: common wisdom is wrong from the start.
Many online services request that you provide additional information such as your phone number. I’ll look at how that’s typically used and why it’s a good thing.
The problem is that we don’t know what approach hackers are using to break your password. So, to be safe, the best password is both long and complex.
Some devices, sites and software use passwords that are limited to 8 characters. Today that’s often insufficient, but I’ll look at what steps you can take to increase security.