Introduction
I’m sure like many of you, I have 2-3 passwords that I use for most sites. I used to have a short password that I created way back in college and a longer one with a capital and a number and sometimes a symbol that I usually use these days. However, it seems my short password has been hacked a number of times and even last week, my Kohl’s account was hacked (unfortunately for the hacker, the order was cancelled since I was banned from them.) Anyway, about 3 months ago, I decided it was time to switch to a password management tool.
Have you been hacked?
A reader linked to this site – https://haveibeenpwned.com/ to check if you’ve been hacked. Sure enough my LinkedIn password has been hacked as well as Myspace (jigga what?) I looked into the LinkedIn hack and found that 117 million passwords have been hacked. Let me take a moment to give a big FU to LinkedIn. Regardless, it’s time to move away from my 2-3 passwords and have unique passwords for every site. Yes, I know that sounds painful, but it’s necessary.
1Password or Lastpass
I had asked some people which of the 2 most popular programs do they use. 1Password is free, but if you need to share passwords, you’ll have to pay a fee. The way to synch passwords over multiple devices is you’ll need to install Dropbox (most likely scenario) or iCloud or whatnot. This is where I stopped. While I do have a Dropbox account, I don’t use it that often and this is where I switched to LastPass. So the rest of this post will be about LastPass. LastPass is ‘free’ but if you want to synch over multiple devices, it’ll cost you $12/year. I was okay with that pricing. So far, it’s been great. This isn’t a 1Pass vs LastPass review though; some of you may prefer 1Pass and that’s okay.
How I use LastPass
I use Chrome among all of my devices (Windows work laptop, Windows home desktop, Macbook home laptop.) You’ll want to install the LastPass Chrome extension. When you first install it, it will ask if you want to import all of your Chrome saved passwords into it, I reco you say YES. After that, you’ll want to set a “master password” for LastPass and enable 2 factor authentication. Then every 30 days, you’ll have to authenticate each of your devices to continue using it. Now that you have it set up (sorry for the lack of circles and arrows,) when you visit a web site, you’ll see an icon in the username box:
You can see I have 4 entries in that login box. Once I click on it, it’ll show me all 4 usernames that I’ve used to log into the site. This is great because now my wife’s accounts can have unique passwords as well. Her password schema is worse than mine even.
On the phone app, you’ll use your fingerprint to sign in (assuming you have a fingerprint on your phone.) I also store my credit card numbers on there as well (I never need to carry my Citi ATT card on me, but it’s good to have the number, expiration, and CID on my phone.) I’m sure there are other things I could store and use LastPass, so I’ve just scratched the surface. It will be a pain to enter in ALL of my cards, but it’s a necessary evil.
The only problem I have now is I’m too lazy to change the passwords of every site I go to. I TRY but sometimes you just get lazy. The only other gripe is if I connect to a site on my phone, I have to go into LastPass to figure out the password and go back to it on the browser. It’s a bit of a nuisance, but like I said, it’s something you’ll need to get used to in this day and age.
[Edit – A reader informed me that if I use the Safari browser on my iPhone, Lastpass will integrate the passwords. I’ll be switching over from mobile Chrome just for that reason.]
Conclusion
Whether you go with 1Pass or LastPass, I HIGHLY recommend you take the plunge and install one of these password apps this weekend. Then slowly but surely, change all the passwords of every site you’ve used the same password on.
If you liked this post, you can support the site by clicking here.
How secure are these sites? What happens if one of these sites gets hacked and ALL your passwords and login ID’s are stolen?
LastPass has been hacked – http://lifehacker.com/lastpass-hacked-time-to-change-your-master-password-1711463571
However, while hackers broke into LastPass, they can’t break into your user data because those were also encrypted. Like breaking into Fort Know to realize there is another Fort Knox inside of it. Of course this doesn’t mean it’ll ever get hacked, but I think LastPass has gotten smarter due to that hack, and I’m willing to take that risk.
I’ve used Dashlane for the last few years and i’m pretty happy with it. What i’m happiest about though is that i got in when it was free and now, i’m in for life with a free account, although they often encourage me to “Go Premium.” I don’t know about the ones you posted about, but what i’ve got works well for what i need.
Good topic. I use 1Password and it integrates directly into (at least in my experience) my iPhone browser seamlessly which is a huge plus. Within the mobile browser you just tap a button and it auto-logs you in like it works on the desktop (with fingerprint verification sometimes). Also 1Password even connects auto-magically to login some apps on iPhone so it doesn’t require you to always look up the login/pwd in a separate app. I’m sure both have pros/cons. Just my experience. I like that 1Password allows for multiple “vaults” so you can share vaults of passwords among family with a single login to your set of vaults.
Ah, so you’re using the icloud synch on 1Password then? And the safari browser is what you’re using on mobile? Maybe I should have gone that route vs the dropbox synch route.
No, it synchs through the 1password account.
https://support.1password.com/sync-options/
Ah okay, then you’ll need a paid subscription.
I’m not on a paid subscription. Just paid the one-time fee for the app. I’m sync’ing via dropbox (although you can do iCloud if ya prefer). Either way, 1Password is tightly integrated into Safari and Chrome mobile browsers which is really convenient for me.
Yeah same here. Free subscription. Good intergration with Chrome and Safari on iOS. I also use dropbox to create a shared vault that my wife can use with everything stored there. Lots of apps also use 1password natively (Uber for instance) where the functionality is built into the app.