What is your Password Protection Strategy?

If you are like anyone else nowadays, it’s a guarantee that you have more logins and passwords than you know what to do with.  So you likely take one of two paths: 1) you use one password, and all of your various logins use some variation of your favorite password (Pythons56, pYthon$56!, etc.), or 2) you write down your login information on some scrap of paper that you keep at the bottom of a hidden drawer, in your dayplanner, or in a password protected file (probably using a variation of your Python$ password mentioned above). To take it a step further, we’ve all done the dance of trying multiple times to login to a site having used one of the two paths above, only to have to break down and click the dreaded “Forgot Password” button.  The good news is that it doesn’t have to be this way and, if you care about password protection and the security of your information as well as your client’s information, it shouldn’t be.   Rather than making a list of the top password apps, I’m going to focus on one called Lastpass that seems to have gotten the most play to show you how simple it is to use.  And just as an aside, I don’t have any interest in Lastpass other than just being a satisfied user.

Lastpass for Password Protection

Lastpass works as an extension to your favorite browser.  A quick download from the site installs the widget next to your URL bar.  When the Lastpass logo is black in your broswer, you are logged out, and red means you are logged in.  When you are logged in, Lastpass will recognize when you are attempting to input login information and an option will appear at the top of your browser that looks like this:Screen-Shot-2014-05-27-at-10.03.42-PMIf you choose “Save Site,” you are then given the option of naming the login info, as well as categorizing it into a folder.  This is great for anyone who may be working on various projects for clients, all of which require access to login information and need a way to keep each set of logins contained within specific project folders.  It also allows for easy deleting of all passwords when the project is completed and you no longer need access.

Multifactor Authentication

Finally, you may be asking, “Well, what stops someone from stealing my computer and then having wonderfully easy access to my whole life, passwords included.  The beauty here is that Lastpass forces you to create one password for everything.  From there, every time you open your browser, you must put in your Lastpass password before getting started.  For another layer of protection, you can also turn on multifactor authentication and pair your Lastpass account with Google Authenticator on your phone.  In addition to typing your password upon each browsing session, you will also be required to put in the 6-digit code currently appearing on your smartphone.  Each code appears for about 30 seconds, which requires you to have access not only to your computer, but the specific smartphone that you have paired with Google Authenticator.

Lastpass also gives you the ability to fill out sign up forms with information that you have pre-selected, generate secure passwords for each of your various account and copy and paste all of your login information for any site.  It also allows you to customize the settings so that you must input your Lastpass password in order to complete any of these actions. Obviously, there are some features that are only available for the paid version, like being able to use the service on your smartphone as well.  But the free version provides enough features to get you well on your way to complete password protection.

Written by: Zachary P. Elliott, Esq