Should I Use a Password Manager?

lastpass
Share on FacebookTweet about this on TwitterShare on LinkedInShare on TumblrShare on Google+Pin on PinterestDigg thisShare on RedditEmail this to someone

“I use the same password for everything, how can I expect to remember all these different logins otherwise?”  Does this sound familiar?  Many folks use the same practices for internet security that were employed during the 90s, but what we use the internet for in today’s modern economy is too crucial to follow outdated practices like this.  At Fred’s Appliance Academy, we teach the basics of appliance repair and that includes discussing how to keep yourself secure in this online world.

Just think about the number of websites that you and your business deal with.  You need a login and password for the following:

  • Nearly every Parts Distributor has their own platform requiring a login to order parts.
  • Every manufacturer, assuming you are authorized, has their own login/password to look up technical documentation
    • Some have separate apps requiring a login/password to access educational material
  • If you are working on warranty calls, the platform to submit your claim has a separate login/password
  • Third party directories that list your business like Yelp and Yellowpages each require a separate login/password
  • Your accounting software and bank accounts have a separate login/password
  • Your credit cards have a separate login/password
  • When you register a student on our registration platform, you need to create a separate login/password

The list goes on and on and it’s not going to get any simpler.  Many of you may scoff at the idea of needing to care as long as you don’t use online features.  “I call my part orders in” or “I do not bank online”.  That’s fine but you are still at risk whether you want to participate or not.  Your banking information is online, your credit card information, your warranty claims, and your part orders are all stored online.   All that information is available to hackers, again whether you agree to use those services or not.

Let’s lay out a scenario that has happened already.  You have a credit card with Target.  You decide not to use any online features but Target as a company gets hacked.  What hackers tend to do is seize login information.  They are banking on the fact that you use the same login and passwords for other accounts.  Once they have your “master password”, they start trying to use it on other websites, like your bank or social media accounts or your email.  This is how an identity gets stolen and the ones that most at risk are the folks who do not use online features.  They are not getting notifications that someone just accessed their online account or being alerted that money has moved from one account to another until it’s too late.  Now you have an uphill battle to recover anything that was stolen along with proving your identity to each account that is affected.

So what do you do?  Panic?  Depends.  If you use the same password on everything, I would panic a bit.  Do you know how many online accounts you have?  I don’t.  Too many to remember.

Time to setup a password manager.  Nothing is 100% secure but you need to work with a company who has a vested interest in keeping your data secure.  Companies like Lastpass can help for as little as $1 a month per user.

The video playlist above goes through different features provided by LastPass along with some tutorials, but for the sake of simplicity here is what it can accomplish:

  • It will set up a Master Password for your account.  Even LastPass doesn’t know what it is.  There is a lengthy process on recovering the password if you forget it but it’s designed to prevent a hacker from accessing the info.
  • It will help you generate unique passwords with various characters like C42$%!asdRTW492
    • So now if your Target account is hacked like in our scenario from earlier, no need to panic.  Each password in your LastPass account is different.  Just update to a new password and go about your day.
  • The tedious part is adding each website you use to the LastPass Vault, but once you do, you launch every site you want to access from the vault.  It takes you to the page and in some cases auto-logs you in.
    • If you are a service manager, this is HUGE.  Set up a folder in your vault with all the login/passwords your technicians need(tech support websites, part lookups, etc) and share the entire library in a couple clicks.  You can even restrict your employees from seeing the password so they can access the account but cannot change the password.
    • If you have to let an employee go, you simply unshare the folder.  Simple, fast, and the peace of mind knowing your accounts are secured from a disgruntled employee.

So what happens if LastPass gets hacked?  Good question.  As I already mentioned, nothing is 100% secure but I would rather have a team of professionals who deal with online security daily deal with a hack then try to deal with it myself.  But getting a password manager setup is just the first step.  Check out our next post in regards to online security in the coming weeks as we discuss the next step in securing your online presence with two-step authentication.