We have a page dedicated to telling you all about how important your iCloud password is, which you might want to check out if you need to learn more about the importance of security online. In the summer of 2014, a Russian cyber gang stole 1.2 billion usernames and passwords, by hacking into over 420,000 web and FTP sites as reported by CNET. So the importance of having a secure, hacker-proof password is higher than ever.
If a company you work with gets hacked, you need to change your password, and you better not ever think of using that password again. On top of that, if you’ve read our iCloud Password page, you should know the difficulties we all face in having to remember all of our passwords off the top of our heads, whilst making them “secure” passwords. With all the different sites we need to remember passwords for, and the number of times we have to keep changing them these days, your best bet is to use a password manager. DO NOT USE THE SAME PASSWORD ON DIFFERENT PAGES.
Check out this brilliant article on LifeHacker telling you why that’s a terrible idea.
What is a Secure Password?
A secure password is in short, a password that is difficult to guess. You don’t want to use anything other people could easily find out about you such as your pet’s name, your lover’s name or your favourite colour. They should be long and unpredictable using a series of letters, numbers and symbols. You definitely shouldn’t reuse a password on different accounts, even if it is so secure you are super proud of it, because inevitably at some point, a password leak will occur, even on large and secure sites, and if that happens, you really don’t want hackers being able to try using your username/email address/password etc on all other sites. It could literally ruin you. Cyber crime is a massive problem, so do yourself a favour, and lock up. Use a password manager.
What is a Password Manager?
A password manager is a piece of software which should utilise leading encryption technology to securely store and remember all of your passwords. The passwords are usually stored encrypted, so you need to unlock one level before unlocking the next, which makes them much more secure than a standard password.
The Problems with iCloud Keychain
To start off we do need to say, Keychain is a fantastic idea, and has really put password management into the mainstream. But the main problem with Keychain is that it doesn’t use the highest end encryption security software (for the geeks amongst you, they are using the P-256 curve which is no longer trusted by, well most people), and the other key concern is that it doesn’t need re-authentication.
In simple, this means if someone steals your device, and it isn’t locked, they can access absolutely everything. All of your passwords, if you use Keychain, are stored in Safari. You can access them by going to Safari>Preferences>Passwords and you can click a button to show the passwords. This is great for remembering them, but leaves gaping security holes if your device is stolen.
Check out a great article from iMore on the troubles iCloud keychain needs to fix here.
The idea behind the name LastPass is that this will be the last password you ever have to remember. LastPass will remember all of the rest of them for you. And being a cloud based password management system you can access it anywhere, as long as you have internet access. You can even access the web version of LastPass on your mobile, but we’d recommend you use the LastPass app, which is super secure and easy to use.
LastPass not only uses AES 256-bit encryption software, but all sensitive data is both encrypted and decrypted on your device, which means it never actually leaves you device. Which means LastPass never even has the details to enable your password to be seen by them. It is only seen by you, encrypted, then uploaded to their site, and the decryption key remains on your device.
That’s why we use (and would recommend you try) Last Pass. Click here for a free trial.
Check out what Digitwirl had to say about using LastPass below:
Before you go ahead and start using LastPass, first make sure the password you choose for your LastPass account is SUPER secure. And click here if you want that free trial.