160 likes | 469 Views
PASSWORD MANAGER. Why you need one. WHAT IS A PASSWORD MANAGER?. A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox, Safari, etc ) or an App on your Smartphone. BASIC FEATURES. Remembers and fills in your login and password information for each site
E N D
PASSWORD MANAGER Why you need one
WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox, Safari, etc) or an App on your Smartphone.
BASIC FEATURES • Remembers and fills in your login and password information for each site • Can create strong, unique passwords for you for each site AND REMEMBER THEM • Protect you from phishing attacks or mistyped URL’s • Protect you from keyloggers
ADVANCED FEATURES • Import passwords from browser / Export to text or XML file • Create Secure Passwords, letting you select password length (min 13 characters recommended) • Form fill – credit card, address, etc • Securely store other information – medical or insurance info, software serials, etc • Works across all platforms/devices
ENHANCED SAFETY Better than: - Keeping passwords on a piece of paper or as a text file on computer - Using browser (web attack, theft, can’t fill forms or save other info) Advise for Heartbleed and other attacks Advise for insecure or reused passwords
WHY LASTPASS • Works on all devices (Windows/OS X/Linux/Android/iOS/Windows Phone) • ONE master password to remember • Automatic sync across all devices via cloud securely NOT using third party sync • Accessible ONLY by you • Browser integration • Password ONLY known to you. LastPass cannot provide even under court order
USING LASTPASS • Lastpass uses your email address and ONE Master Password for access • Default install is for LastPass to remember your email address (OK) AND your Master Password (uncheck that option) • Choose a strong Master Password (random characters, number, symbols) • Keep master password stored offline somewhere, no way to recover without it
USING LASTPASS • LastPass also safely and securely lets you use your login credentials from an untrusted computer such as a friend’s computer or a computer at a library. HOWEVER, do one of the following: 1. Use two-factor authentication 2. Use pre-arranged one-time password instead of your real Master Password
LASTPASS HINTS & TIPS Some sites intentionally coded or have subsections that result in LastPass (and all others) to not remember the inputted data BEFORE YOU CLICK THE LOGIN BUTTON, click the LastPass icon, you will see your entered data, and then click Save Restrict Logins to specific countries (good idea for GMail and other supported sites) Set up Two-Factor Authentication (and also on individual websites that allow it) http://www.howtogeek.com/121267/11-ways-to-make-your-lastpass-account-even-more-secure/
LASTPASS HELP Help is available by: 1. Online / downloadable user manual 2. Official video tutorials 3. Unofficial YouTube video tutorials generated by user community
LASTPASS COST Completely operational version for use on desktop or laptop is free For use on a mobile device (smartphone or tablet) is $1/month
EVEN THE BEST PASSWORDS….. May NOT be secure! Passwords stored improperly on the host website may be easily compromised. Possibility of “inside job” or spear phishing Really important to not reuse passwords! Insist on two-factor authentication on “high value” sites – Email, Financial, Medical, etc
TWO FACTOR AUTHENTICATION Add an additional layer of protection to ensure your information is safe, even if your password is stolen
TWO FACTOR AUTHENTICATION Three Factors can be used to identify you: - Something you know (password) - Something you are (Eye scan, fingerprint) - Something you have A. Text message, Yubikey, phone call or an app on your phone B. Pre-arranged list of one-use passwords
The importance of two-factor authentication: Even if someone has access to your computer, they still can’t log in without your phone/Yubikey, fingers or eye Even if your login and password are stolen in a security breach they still do not have access to your account INSIST on this on your high-value sites (banking, financial, credit card, email, etc) You can optionally “trust” a computer/device so that you only have to do the second factor authentication once.
IN CONCLUSION Please consider freezing your credit And use a credit card instead of a debit card You could save yourself a lot of hassle