Password management


The spate of major security vulnerabilities unfortunately continues with the latest one being designated the ‘Heartbleed’ flaw. Basically, this is a bug that was found in the code that provides encryption for many web based applications. This means that attackers could potentially extract username and passwords on affected systems.

Due to the vulnerability being given such high priority most vendors patched their systems very quickly, mitigating any issues. However, such incidents again highlight the importance of good password management for all your IT systems.

The problem is that good security practices dictates that you should be using a unique password for each site and that password should also be complex. Maintaining such a  regime is very difficult for most normal people and that is why the smart thing to do is to use a password manager to not only securely hold all your passwords but also generate new one for you.

A product that has been mentioned a few time on this blog that fits the bill is Lastpass. The free version allows you to achieve good password security on your desktop and for as little as $1 per month it will allow you to achieve the same on your mobile devices. However, given the availability of a free version there is no reason why you shouldn’t be using a password manager.

Another measure that many providers are offering is multi factor authentication. This means that not only do you use a password but you also use a code generated by a token or provided via an SMS. This extra level of protection will ensure that your account won’t be compromised even if the password is divulged.

This is an interconnected world we live in, and with us consuming more and more online services it is more important than ever that you take measures to ensure that your accounts remain as secure as possible. It is important not to simply fall into the trap of accepting the defaults but to be pro-active and ensure you use all the security and options available to you with every service. There are plenty of tools that can make the process of being more secure easier and most are free.

Remember the cost of implementing security before an incident is far cheaper than implementing afterwards. So be pro-active and get secure today.