Home » Sunday » Technology
Stay safe by reducing reliance on passwords
SO many online accounts, so many passwords. No wonder it’s tempting to turn to apps and services that promise to keep track of your passwords.
But these password managers are like treasure chests for hackers. If your master password is compromised, all your accounts potentially go with it.
One such service, LastPass, says it has detected “suspicious activity.” Although it says it found no evidence that individual passwords or user accounts were breached, it’s advising users to change their LastPass master password.
I advise users instead to rely less on just passwords.
All accounts aren’t equal
Instead of having to remember dozens of complex passwords, maybe you need to remember only a half-dozen.
Focus on accounts that are really important: Bank accounts, of course, along with shopping services with your credit card information stored.
Don’t forget email. Who would want your mundane chatter? Well, email accounts are important because they are gateways for resetting passwords for other services, such as your Amazon account to go on a shopping spree.
As for social-media accounts and discussion forums, maybe there are some you value more than others. You might not care if someone posts on your behalf to a discussion board offering tech support. But if it’s a forum you value, and you’ve established a reputation under that identity, you might want to prioritize that, too.
For these highly sensitive ones, choose a unique password and remember it. Write it down by hand and keep it in a safe place. If you must store it electronically, use password-protected files kept on your device — not online. And don’t name that file “password.” Use something boring, like “chores.”
Lower priority
For the rest of your accounts, it’s not as bad to turn to a password manager, but it might not be necessary.
Web browsers from Apple and Google have built-in mechanisms for storing frequently used passwords. You even have options to sync those online if you use multiple devices. Google’s new Smart Lock feature extends that to Android apps, too, so you’re not limited to Web browsing.
Phones and fingerprints
If you haven’t protected your phone with a passcode, tsk tsk! Someone can easily swipe your phone and get to your email account to unlock all sorts of other accounts.
Fortunately, the latest iPhones and Samsung Galaxy phones have fingerprint IDs that make it easier to unlock phones.
Double security
Major services including Apple, Google, Facebook, Microsoft and Dropbox offer a second layer of authentication, typically in the form of a numeric code sent as a text message. After you enter your regular password, you type in the code you receive on your phone to verify that it’s really you. A hacker wouldn’t have access to your phone.
You need to go into the account settings to turn on this feature, which goes by such names as two-factor authentication or two-step verification.
Even safer
When given a choice, consider signing in with your mobile number rather than your email address. It’s much easier to hack into an email account to reset passwords. Of course, you’ll have to trust the service not to use your mobile number for marketing.
Also be careful when creating security questions to reset passwords. Your dog’s name? Your first school? These are things someone might find on your social-media page or elsewhere online.
- About Us
- |
- Terms of Use
- |
- RSS
- |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 沪ICP证:沪ICP备05050403号-1
- |
- 互联网新闻信息服务许可证:31120180004
- |
- 网络视听许可证:0909346
- |
- 广播电视节目制作许可证:沪字第354号
- |
- 增值电信业务经营许可证:沪B2-20120012
Copyright © 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.