Title graphic made using the WordSwag app
Being a digital scrapbooker inherently means working on a computer and the vast majority of us purchase digital supplies on-line. We have scrapbooking store accounts to purchase supplies, gallery/forum accounts to share with our community, banking accounts to make purchases, and an email account is necessary to create all of the other accounts. Many of us also participate in our hobby through social accounts on Facebook, Twitter and Instagram. We save our favourite pages on accounts at pages like Pinterest and SpringPad and ScrapStacks. All of this makes up the on-line world where we participate in the digital scrapbooking community.
Need a Password Manager
So, given how much of what I do that is online, I followed the news about the Heartbleed vulnerability with interest, but a bit of confusion. I heard we all needed to change our passwords to virtually every web site we use – but that we needed to make sure that each individual web site we use was secure first, because otherwise the password would have to be reset again. I have a lot (a lot!) of log-ins and passwords and this news made my head spin. Just think about all of the sites that you use on a regular basis:
- Web-based email
- Social media accounts (Facebook, Instagram, Pinterest, Twitter, etc.)
- Banking and PayPal
- Merchant accounts (any store you’ve ever created an account for – including all of your favourite digi scrapbooking sites)
- Utility accounts (including your mobile plan provider)
- Library account
- Clubs and membership accounts
- Paid subscription accounts
I probably have over 50+ accounts and passwords to manage.
Realizing that I had to update all of my accounts was the push I needed to find an automated solution. A password manager is a software tool that maintains all your passwords and allows you to log in with one single Master Password. Given that, it makes sense that the Master Password had better be a good one — very strong and impossible to guess.
I knew I wanted a password manager that could support a few important features:
- Two level authentication support via Google Authentication – This simply means that to log in, you need something you know (the Master Password) and something you have (a secondary number randomly generated via the Google Authentication application on your phone).
- Support for both my desktop computer and mobile phone.
I researched password managers at a few of my favourite sites:
For me, it seemed like LastPass Premium ($12/year) would be the best option because it had all of the features I needed and could be used to manage passwords across my devices.
I downloaded the free version from their web site and installed it using the executable file provided. It took just a couple of minutes to install on my computer and add an extension onto my web browser. I then updated to the Premium account via the LastPass web site and downloaded the LastPass Premium app for my iPhone from the Apple Store.
I already had the Google Authenticator on my iPhone, but it is available for free download from the Apple Store. It was straight-forward to connect my LastPass account with the Google Authenticator.
The LastPass software automatically imported all of my passwords and usernames from my browser into the LastPass Vault. I took a few minutes to organize my passwords in the vault into folders (e.g. Scrapbooking Sites, Social Media Accounts, Physical Stores, etc.) because the list was very long. I also moved a few passwords into a Shared Family Folder. This allows other LastPass accounts that I approve to be connected to access those passwords and is useful for family accounts to Netflix and billing accounts (like a home Cable account or Hydro account, for example).
LastPass offers a security check where it reviews all of your existing accounts and passwords and scores them according to whether or not they are unique and how strong they are. For any with flagged weaknesses, I was able to quickly go in and use the LastPass random password generator to create really strong passwords.
Time Will Tell
It’s only been a short while that I’ve had a password manager installed, but I’m already feeling more organized and secure. I’m hopeful this will put me in a good place to minimize any losses of my personal information when the next big bug is found, or when the next store is hacked.
How do you manage all of your passwords right now? Do you feel secure?
Like Heddy, when the Heartbleed announcement came out, I knew it was time to head over to 1Password to make sure that my passwords were updated. I started using 1Password a year or two ago to manage my passwords, but I
was lax in making sure that every password was unique and as secure as
it could be.
1Password is available for Mac, Windows, Android and iOS. They also have a Mac/Windows bundle if you need to sync to different systems. And, they offer a family pack. They are really good at offering upgrades and they recently added a new feature to check your logins against sites affected by Heartbleed so you know to update them.
Why I like 1Password:
1) They have multiple “vaults” allowing you to share the passwords you choose with other family members or coworkers.
2) They have browser extensions that will auto-fill websites for you.
3) The iOS version has a built-in web browser for easily opening and logging into sites with a tap.
4) You can sync in multiple ways, including wi-fi and dropbox.
5) Your password database files are encrypted and cannot be unencrypted without your master password.
6) It comes with a password generator for easily creating a variety of types of passwords, in any length.
7) The browser extensions allow you to log into a site and automatically save the login to your vault.
8) I can organize my passwords by folders, as well as flag favorites that I need to access often.
9) It has a security audit built in to show you passwords that have not been changed recently, those that are used on more than one account, and those that are considered weak.
10) 1Password supports many types of accounts including logins, credit cards, email and ftp accounts and even notepad notes.
1Password has been a huge help in updating all my passwords. It took a few hours to sort them all out, but now I know if any one password is compromised, I can quickly and easily change that one.