Seriously, it's time to change your old passwords...Seriously!

#1

So, if you can imagine this, a huge corporation lied about the impact of a data breach…I know, I know. You’re thinking ‘No Way!’…but ‘Way!’.

If you’ll think back a few years, you’ll recall that Yahoo! announced that they had a data breach of growing proportions back in 2013. First they said a few million accounts (mostly not active for months) had been breached, but over time the number kept growing, and eventually they announced around 1 Billion accounts had been breached.

Now, they’re finally admitting that it was actually triple that. 3 Billion accounts!

So, if you had more than 1 yahoo account, or if you only ever had one, it’s time to do a few things.

  1. Get off of Yahoo! Seriously, they’re just bad news these days. <-- get it? ‘Bad news’.
  2. Change your passwords on all your accounts. Is it a pain? Sure, if you use the same username, email and password for all of your accounts ( :-S A little guilty here…but not completely, and I have change my passwords since 2013…several times in fact).
  3. You really should have different passwords for every site. The passwords should be long and complex. We can discuss what that means in our next meeting.
    3A. A password manager is going to be your best friend in the world.

What’s a password manager?

Great question.

A password manager is software specifically designed to help you keep up with your passwords. My mom, lover her to death, keeps her usernames, emails, and passwords in a physical card file so she can look them up when needed. I would prefer she didn’t keep it right next to her computer, but at least she does keep all different passwords and usernames for as many accounts as she can.

Why is a card file bad?

  1. A fire wipes out your whole list of sites, usernames, and password. BAD
  2. Keeping it next to your computer makes it very accessible to anyone who can also access your computer physically.

So, then what’s your big idea?

Password Manager software like LastPass or 1Password. There are some open source options as well like KeePass.

These bits of software are like an electonic card file that

  1. Stores your sites, emails, usernames, and passwords.
  2. Stores them electronically.
  3. Encrypts them.
  4. Requires a master password to access them.

Using a piece of software like this is smart because you now have an encrypted database of your information, and it’s better than a physical card file because.

  1. You can back up the database off-site, in the cloud, etc. Now a fire, flood, tornado, hurricane, earthquake, etc. isn’t such a threat to your vast collection of login credentials.
  2. It’s encrypted! Yep, even if someone manages to get your database, they would still need your master password to decrypt it.
  3. Being the smart folks we are we used a long, strong, complex password to encrypt our virtual file box and it’s not one of the passwords we used before, it’s not our date of birth, marriage, divorce, dog’s name, cat’s name, childhood sweetheart’s name, or anything a little digging would provide easily.

So, please, please, please, look into a Password manager, and pick the one that’s right for you.

PS - anyone wanting to do a section on the various password managers and what each offers - should.

As always, forgive any typos or auto-corrections I absolutely didn’t even check for.

#2

Thanks. I wonder what is best for that?