Protect Online Accounts
One of the biggest contradictions with passwords is that they need to be unique, strong and hard to crack, yet somehow easy to remember. Thankfully, password managers are built specifically to aid with this process – you set up a vault containing all your passwords, then unlock it with one master password, meaning that you only need to remember that one to effectively gain access to all the rest.
Our favourite password manager is LastPass. We recommend the Premium version, which syncs across all your devices (mobile and desktop) and offers two-factor authentication as well, which means that even if someone hacks your password, they still can’t get at your vault. LastPass is installed as a browser add-on or standalone app, and offers to save passwords as you enter them for the first time. It can also generate strong, randomly generated passwords for sites, and thanks to its Security Challenge feature can then alert you to weak and duplicate passwords that need changing, as well as highlight sites that have been the victim of attacks. In some cases, it can even automatically change these passwords for you with a single click – though generally you need to change them manually.
But LastPass itself was hacked, we hear you cry. These days, it seems major websites will at some point be subject to attack. The question is, how robust are the site’s defences? In the case of LastPass, it did give up user email addresses, but nothing else was lost – LastPass has no access to your master password anyway, while the encrypted vaults were left untouched. LastPass then immediately enabled email verification, which meant any hacker logging on from an unknown location who guessed your password would still be blocked, while you would have received an email notification, giving you time to change your password.