Menu

How to manage your online passwords

LukeGattuso

On the iiNet Blog we recently featured an article on Privacy Awareness Week 2015. It included a range of helpful tips on how to create a strong password and when you should update your passwords.

We received a lot of feedback on the article, thanking us for these tips. There were also a number of customers who were asking for assistance in how to manage all those passwords.

We agree. So many websites out there require passwords and keeping track of them all isn’t an easy task.

What should I use?

Everyone’s security needs are different so it’s difficult to recommend a particular product or application. The best thing to do is read current reviews online and weigh up the pros and cons for yourself.

There are a number of articles that provide guidance on the latest password managers to help you manage all your passwords.

The following articles outline some of the functional differences between products, and assess which are leading the field.

What are the differences between different password managers? 

The main difference between the products out there is that some are cloud based while others use local storage.

Cloud based products store the information online/in the cloud, which allows access from multiple devices (if supported) such as your mobile, tablet and laptop, and includes apps like LastPass.

Products that use a local storage mean that they can only be used on the device they’re installed on, or attached to if stored on a USB device, and includes apps like KeePass.

From a security point of view as long as the cloud based apps encrypt the passwords before they send them to the provider then your passwords should be plenty safe enough, although it’s worth noting that some cloud based services can have ongoing costs depending on versions or functionality required.

Real tech heads tend to use the local storage apps as the perceived risk is lower if the passwords are only stored in one place. That has some logic but is at the expense of usability now we use more devices in more locations.

It’s also worth considering that modern malware can also do some pretty amazing things, and sometimes our hardware fails, so files stored locally should be backed up, and your anti-malware (aka anti-virus) software should always be kept up to date no matter what you use.

This is something security people can discuss for hours, but hopefully that helps answer some questions!

Photo Credit: Luke Gattuso

9 comments

  1. Aaron says:

    Thank you for your input.

    Please never write an article again.

    Especially, never include links to other articles.

    Worst of all, where is the update on the take over stuff.

    When will you de-commission my email address?

  2. Paul Mah says:

    Good overview of the difference between cloud and non-cloud storage of passwords. True that the perceived risk of storing passwords only locally is lower, though the truth is that most users will opt for cloud-based storage due to the greater convenience it offers.

    Regardless of password managers used, users must be warned about the increasing risk of the bad guys getting hold of passwords through phishing or spear phishing. Would you consider writing a new blog on that topic? Thank you. – Paul Mah, commenting on behalf of IDG and FireEye.

  3. Robert says:

    Great article. I use Sticky Password, they’ve rated as Editors Choice on PCMag, which is great. And also I think they’re desktop based, so it might be a good alternative to Keepass.

  4. wayne says:

    It’s interesting to note where passwords and on line security are involved that everyone mentions PCs ( Poor Choice’s) and not Mac’s. With all the risks involved with PC’s why more aren’t using Mac’s and all the advantages and security they offer. You don’t hear of a Mac getting hacked, maybe a virus now and again. I get rubbish emails all the time, but so does everyone. I’ve had Mac’s since 1986 and have had no problems.

  5. Rod Lovel says:

    Another option is Firefox sync with a Firefox master password.

  6. Jack Cola says:

    Or don’t use any passwords and just remember an algorithm in your head.

    Create a strong base password like: TyyBB%99*& and remember that, then work out an algorithm that you can remember.

    So say you want to remember your password for Facebook

    You can start your password with the letter K and end it with a F, then put an ‘a’ in the middle somewhere so your password becomes “KTyyBBa%99*&f”

    It will then take one person to have like 3 of your passwords to work out the trend, and you just have to remember one password.

  7. Terry says:

    Article is not quite true – Password managers such as KeePass can be cloud based – all you need to do is keep the database file in somewhere like Dropbox and it will be available to all devices.

  8. Matt says:

    @Jack Cola,
    I am inclined to say, “great idea” as I use that very method myself and encourage others as well when I am called upon to create a password on their machine for whatever reason.

    I used a product called Password Safe on Android; the Master Password feature of Firefox; and I refuse to use Keepass or LastPass as they really are not that good for what I need them to do.

    Thanks.

    M

Menu

Search