Steve Gibson is the one man I trust for security information. He runs a company called GRC (Gibson Research Corporation) at GRC.com. There, he offers free programs and advice to test the security of your computer. My favorite is “Shields Up” that checks the security of your router.
Steve also does a weekly podcast called “Security Now” with Leo LaPorte on Leo’s TWIT network. Last week, Steve did an in-depth study of a free browser add-on called “LastPass.” And when I say in-depth, I mean really in-depth. Steve studied it for a long time, dissecting it every which way and pronounced it safe to use and recommended that everyone use it to store their passwords.
Your passwords are the weakest link in the security of your computer and your privacy. Too many of us use the same password on almost every site. Many are easily cracked. We use the name of a spouse, a child, a dog, or a word that can be found in the dictionary. Many have way too few characters. And yes, I have been guilty of this in past myself. These kind of passwords are easily cracked…and could open up your life to identity theft.
A good password, according to Steve, should be 10 characters long, have upper and lower case letters, include some numbers and should not be words found in a dictionary…in other words, gibberish. If you do that, the number of permutations would be on the order of 7.6 x 1017. To put that number in perspective, that would be approximately the number of yards in a light-year. Good luck trying to guess that kind of password.
Of course, the problem with this kind of password is trying to remember it. LastPass will do it for you. Not only that, when you go to a Web site for the first time and create a login, LastPass will offer to generate random passwords for you of any specified length and store them for you. When you back to that Web site, the program will automatically pop-up and log you in. How far you want LastPass to go is up to you. LastPass is extremely intuitive.
But, how safe is LastPass? It is so safe that even the parent company doesn’t know your passwords. They are stored on their servers in the cloud using a random method of encryption that is between you and your computer. No employee of LastPass can retrieve it. I have set LastPass on my laptops to automatically log off LastPass if my browser has not been used for an hour, so if my laptop is stolen, they cannot get at my passwords.
Another great feature of LastPass is automatic form filling. I filled out a long form on LastPass that has all my personal data, and when I run into a form on the Net that must be filled out, LastPass pops up and asks if you want it filled out. Again, it is very intuitive.
I have been using LastPass for sometime now, but even I did not know about many of its features until I listened to Steve’s podcast. If you would like to hear Steve’s analysis of LastPass, check out the podcast on the TWIT Network site. Skip ahead to approximately the last hour of the show. I warn you that Steve is very detail oriented and might lose you sometimes in the details, but if he says it is good…believe him.
Even if you don’t listen to him, check out LastPass and add it to your browser’s add-on’s. It works with almost all browsers. And it is free.
1 comment:
Considerably, this post is really the sweetest on this notable topic. I harmonise with your conclusions and will thirstily look forward to your incoming updates. Saying thanks will not just be sufficient, for the phenomenal clarity in your writing. I will directly grab your rss feed to stay informed of any updates. Admirable work and much success in your business dealings!? Please excuse my poor English as it is not my first tongue.
Rosetta Stone Language
Post a Comment