So what’s common between Scarlett Johansson, A Foxconn supplier in China & Wired journalist Mat Honan? They all got hacked!
While an enormous amount of time and money is invested in enterprise security its amazing that how less we think about securing our personal digital life. Thankfully, securing your passwords is neither complex nor expensive. In fact you can setup a very secure system in five easy steps for free.
Why would you get hacked?
Hackers are motivated by a variety of reasons ranging from fun,money or vengeance.If you are not moderately famous,rich or inflectional, the chances of you getting hacked might be relatively less but not unlikely. Regardless of the chances the consequences can be particular devastating, specially in this connected world where we have so much information online. For example a couple of years back if someone were to hack my personal email, they would have got instant access to much more than just a bunch of old email. They would have good access to a bunch of personal documents, my bank account information numbers, they would have easily hijacked my online identity on social network sites. If they were really creative they would have got me fired and ruined my reputation beyond repair.
Secure for free with Lastpass & Google Authenticator in 5 easy steps
- List what you want to secure – Prepare a list of sites that you want to secure and generate some really good passwords for them. There are number of resources that can help you generate secure passwords. Here is something to start with http://www.thegeekstuff.com/2008/06/the-ultimate-guide-for-creating-strong-passwords/ .Alternatively you could use a password generator. Don’t worry if you feel overwhelmed with the need to remember each of them. When you are using a password manager like Lastpass, it will remember the passwords for you and also manage them.The Lastpass master password is the only the only password that you will have to ever remember.
- Download and Install Lastpass – Lastpass binary installer is available across platforms including Mac,Linux & PC.For a complete list https://lastpass.com/misc_download.php. I personally like the Google chrome extension version.I can access it across PCs and Macs seamlessly.If you like to carry your privacy on a portable USB, you can also install the portable USB version that supports both portable Chrome and portable Firefox.
- Setup & Configure Lastpass – If you do not already have a Lastpass account create one. You can do it either form the Lastpass site or directly from the browser extension. It is really important that you choose this password carefully. This is your master password. It needs to be both secure and something you can remember (without writing it down or storing elsewhere).The master password is the only way to access your password vault and Lastpass does not store this.
- Add Sites & Test your passwords – Next add sites to your vault that you want to secure. This is as easy as visiting the sites on your browser with the last pass extension installed.You can also add the sites manually at the Lastpass website.Once the sites have been added to Lastpass, every time you visit the site, Lastpass will populate the authentication for you.if you prefer, you can also manually retrieve your passwords from the Lastpass password vault online.Additionally you can create groups within your vault to organize your sites and passwords further.Lastpass also provides a unique security check feature that allows you test how secure your passwords are across individual sites..Once you have setup and added your sites to Lastpass, I would strongly recommenced you to run the security test. You might be surprised by the results. Take corrective action if required.
- Enable Two Factor Authentication using Google Authenticator – You have setup secure passwords for your sites and have configured Lastpass to track them. Now imagine if the hacker were to get access to your Lastpass master password. Lastpass allows you setup multi factor authentication using Google Authenticator. Once enabled, in addition to the master password you will also need a pin to access your Lastpass password vault. The pin is generated by the Google Authenticator app which comes free both for iOS and Android devices. You will first need to install this on your mobile device and then register the Lastpass application with the Google Authenticator app on your device.You could take an extra step and enable Google Authenticator for your other supported applications as well, but at the very least you must enable it for your Lastpass account.
You can use this method with any other password manager, but I personally like Lastpass. It’s free, extremely secure and supports multi-factor authentication.