Never use Online Password Services

By | January 5, 2018

There are a multitude of services that are built specifically for storing your passwords. I’d like to briefly delve into why it is foolish to use any of them.

First of all, there are specific instances of these sites being hacked, for obvious reasons. If you store all the gold in one bank, that’s where the robbers are going to go. By placing your passwords alongside those of tens of thousands of other users, you have created a single target for a hacker. Number two, it is not in these sites’ best interest to report such events. Therefore, if they are hacked, you may well not be notified and will go along thinking everything is safe and secure, when in reality, someone in Russia has your password. One modern example is the case of Equifax being hacked and not reporting it in a timely manner. The sad reality is that Equifax is a company that purports to keep other companies’ information secure, and they themselves were hacked.

Similarly, you should never store passwords or other sensitive information in a text or Excel file, nor in your web browser- hackers know where to look for those types of files and can easily upload the entire thing if your computer is compromized.

You don’t ever want to put anything where it is accessible any other way than through your physical device. Fortunately, there is a solution called KeePass that will give you access to your passwords locally or on your mobile device. The biggest advantage to using a password manager such as KeePass is that it enables you to use a variety of different usernames and passwords without having to remember them all. Using the same username and/or password across numerous sites or accounts is a huge security risk, as there is always the possibility of a data security breach or just an individual hacker getting hold of your credentials for one account, then using them to access others.

Password strength is also an important consideration. Maybe you are setting up a Netflix account and sharing the password with your kids. The worst consequence to setting a simple, easy-to-remember password would be that anyone who gets into your account could watch movies and that’s about it. When it comes to protecting your assets, you are much better off using something that is unique and extremely difficult to guess. Example: b8$vuMePhc6^NLMZr$@uyPQN&

Lastly, it is very important that you keep your email secure by setting a strong password. The primary reason is that in most cases, the email account associated with your online credentials to any given site is used a means to reset the password. A good hacker can even temporarily divert your messages so that you will never be aware that your email account was used to reset a password.