These days it seems like there’s a news story every week about a hack against a website or company that results in passwords being stolen. Odds are pretty good that lots of posters here have been a victim of this at least once. I know I have. When it happened to me, it wasn’t all that big a deal because I use a password manager to protect my online passwords. If one site gets compromised and my password gets stolen, it’s only stolen for that site and is pretty useless to the attacker.
So what is a password manager? A password manager is a program or website that creates unique passwords for every online account that I use. The three major password managers that I know of are:
• KeePass (http://keepass.info/)
• LastPass (https://lastpass.com/)
• 1Password (https://agilebits.com/onepassword)
KeePass is completely free. LastPass has a free and premium option while 1Password is a paid program. They all do the same thing but have different bells and whistles. I use KeePass but I know lots of people who use the other options. You’ll have to review the features of each to decide which is best for you. KeePass is what I’m familiar with so that’s the one I’m going to use as an example.
When you download KeePass, be sure to grab the latest Professional Edition version (link is here: http://downloads.sourceforge.net/keepass/KeePass-2.24-Setup.exe). Install it with all the defaults. Enable the auto update check if you want (you probably should) and you’ll be greeted with the main window. To get started, click on the highlighted icon to create a new password database:
Give your new password file a name. I’ll just use the defaults for this demo. You’ll get the Create Master Key Window. This is where you’ll create the master password for your password database. You should pick something that you’re sure to remember but that’s also hard to guess. Stuff like birthdays, phone numbers and other personal information is too easy to guess. Pick something like a song lyric that’s decently long. I’m going to use the password “ThisisademoforPERB”:
removed by Mod
You can see that the little password meter is in the green. If it’s not in the green, pick something else. A master password that’s too easy to guess won’t do you much good in case someone finds your password database. Click OK and OK again at the next screen. We don’t need to change anything there. You’ll now see your new password database:
[IMG]http://i.imgur.com/JNyV3vb.png
You can safely delete those two samples. When you delete them, notice that they go into a Recycle Bin. This lets you get a deleted password back in case you deleted it accidentally. Let’s create a new password. Click on the key icon. This brings up the New Entry window. This is pretty basic: you can name the entry, list the user name and even the URL of the site that the password is used on. As you can see, the default password is well into the green. This password is pretty secure and will be effectively impossible for a hacker to guess. You can tune this to make them even harder to guess but the defaults will work pretty well. Here’s my completed demo entry:
Click OK. Now you can see your new entry in the list:
Now that you have a new password made, it’s time to change it on the website. I’m not going to go through those steps here since it’s different for every site. Double click on the ******* in the password column when you’re prompted to enter your new password. This will copy it to your clipboard for a few seconds. Just paste it in the password field when you login. You can do the same thing when it’s time to login. Click the little picture of a floppy disk to save your password database and now you have a new secure password. You can (and should) do this for every website you log into to keep your online accounts safe.
Hopefully this helps some of you be more safe online. Let me know if you have any questions or if something's unclear and I'll try to answer it for you.
So what is a password manager? A password manager is a program or website that creates unique passwords for every online account that I use. The three major password managers that I know of are:
• KeePass (http://keepass.info/)
• LastPass (https://lastpass.com/)
• 1Password (https://agilebits.com/onepassword)
KeePass is completely free. LastPass has a free and premium option while 1Password is a paid program. They all do the same thing but have different bells and whistles. I use KeePass but I know lots of people who use the other options. You’ll have to review the features of each to decide which is best for you. KeePass is what I’m familiar with so that’s the one I’m going to use as an example.
When you download KeePass, be sure to grab the latest Professional Edition version (link is here: http://downloads.sourceforge.net/keepass/KeePass-2.24-Setup.exe). Install it with all the defaults. Enable the auto update check if you want (you probably should) and you’ll be greeted with the main window. To get started, click on the highlighted icon to create a new password database:
Give your new password file a name. I’ll just use the defaults for this demo. You’ll get the Create Master Key Window. This is where you’ll create the master password for your password database. You should pick something that you’re sure to remember but that’s also hard to guess. Stuff like birthdays, phone numbers and other personal information is too easy to guess. Pick something like a song lyric that’s decently long. I’m going to use the password “ThisisademoforPERB”:
removed by Mod
You can see that the little password meter is in the green. If it’s not in the green, pick something else. A master password that’s too easy to guess won’t do you much good in case someone finds your password database. Click OK and OK again at the next screen. We don’t need to change anything there. You’ll now see your new password database:
[IMG]http://i.imgur.com/JNyV3vb.png
You can safely delete those two samples. When you delete them, notice that they go into a Recycle Bin. This lets you get a deleted password back in case you deleted it accidentally. Let’s create a new password. Click on the key icon. This brings up the New Entry window. This is pretty basic: you can name the entry, list the user name and even the URL of the site that the password is used on. As you can see, the default password is well into the green. This password is pretty secure and will be effectively impossible for a hacker to guess. You can tune this to make them even harder to guess but the defaults will work pretty well. Here’s my completed demo entry:
Click OK. Now you can see your new entry in the list:
Now that you have a new password made, it’s time to change it on the website. I’m not going to go through those steps here since it’s different for every site. Double click on the ******* in the password column when you’re prompted to enter your new password. This will copy it to your clipboard for a few seconds. Just paste it in the password field when you login. You can do the same thing when it’s time to login. Click the little picture of a floppy disk to save your password database and now you have a new secure password. You can (and should) do this for every website you log into to keep your online accounts safe.
Hopefully this helps some of you be more safe online. Let me know if you have any questions or if something's unclear and I'll try to answer it for you.
