You Should Really Change All Your Passwords
Part of my routine when I walk to work is to listen to podcasts. It’s my favorite thing to do. They often inspire me with new ideas or I’ll pick up some interesting tips. However, when I listened to this podcast, it stopped me dead in my tracks.
“Reply All” (one of my absolute favorites) starts out telling the story of Alex Blumberg, CEO of Gimlet Media (which produces the podcast), getting his Uber account hacked. This wasn’t such a problem for me, as I don’t even have an Uber account, but I continued to listen. I protested them a long time ago when they first started out because they stole my credit card information. But I digress.
Back to the podcast – the story itself is a little frightening because not only does Alex have his account hacked but the hacker also covers up all his tracks. Once the hacker has treated himself to a few free Uber rides in Russia he manages to delete the account without any trace. Even though Alex’s credit card was charged, when he calls up Uber they have no record of him.
So how did the hackers get into his account?
When a website (like Dropbox or LinkedIn) has a data breach and people’s usernames and passwords are stolen, that information is then sold on the dark web. Someone can then buy that information and use it to try to access your other accounts, by seeing if you have used the same password. That’s why two-factor authentication is so important. Find out how it works here.
The obvious way to prevent this from happening is to have a different password for every account you have on the internet. But let’s face it – ain’t nobody got time for that.
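To see how far one leaked password reaches, here is an added example (not part of the original post) that audits a list of your own logins for reuse. The accounts and site names are constructed, and the function names are made up for this illustration.

```python
import hashlib
from collections import defaultdict

# Constructed sample logins: (site, username, password). Not real credentials.
SAMPLE_VAULT = [
    ("dropbox.example", "alex@example.com", "Sunshine2015!"),
    ("rides.example", "alex@example.com", "Sunshine2015!"),
    ("mail.example", "alex@example.com", "k9#Vt2!qLm8@xR4z"),
    ("shop.example", "alex2", "sunshine2015!"),  # differs by case, so not a match
    ("bank.example", "alex@example.com", "Sunshine2015!"),
]


def _fingerprint(password):
    # Group by hash so plaintext passwords are not kept as dictionary keys.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def reuse_groups(vault):
    """Return sorted lists of sites that share one exact password."""
    by_password = defaultdict(list)
    for site, _user, password in vault:
        by_password[_fingerprint(password)].append(site)
    return sorted(sorted(sites) for sites in by_password.values() if len(sites) > 1)


def exposed_by_breach(vault, breached_site):
    """Other sites where the password leaked from breached_site also works."""
    leaked = {_fingerprint(p) for s, _u, p in vault if s == breached_site}
    return sorted(
        s for s, _u, p in vault
        if s != breached_site and _fingerprint(p) in leaked
    )


if __name__ == "__main__":
    for group in reuse_groups(SAMPLE_VAULT):
        print("Same password on:", ", ".join(group))
    print("If dropbox.example is breached, also change:",
          ", ".join(exposed_by_breach(SAMPLE_VAULT, "dropbox.example")))
```

Every site the second function lists needs a new, unique password as soon as the first one is breached.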
So what do you do?
The podcast suggests getting a password manager account. Here’s how it works – you will create one master password and it’s the last one you ever have to remember because the password manager will remember all the rest of your unique passwords for all your accounts for you.
I’ve recently started using LastPass, which is a free service. You register all your accounts with them and then use their browser extension to log on to websites. It will help you create very strong passwords and remember them in their database.
It’s been very easy and convenient to use, and I definitely feel much safer browsing online.
At first it’s a bit daunting to think that you have to change all your passwords all at once. You don’t have to if you don’t want to. But now that I’ve been through it (slowly at first) I’d recommend just ripping off the bandaid and letting LastPass change all the passwords for you. They will contact each website and change your password to something really long and convoluted that will keep your account secure.
You can also share passwords with people you’re collaborating on projects with and not even give them the actual password. You will just give them access to that account in LastPass so they will be auto logged in but not actually see the password. This is so helpful for small businesses.
Check out LastPass and let me know how you like it. And if you have another password manager that you like better, let me know in the comments below.
Update: A few people have pointed out that keeping all your passwords in one place could make you more vulnerable. Password managers like LastPass have to be on the cutting edge of internet security technology in order to stay in business. You can check out LastPass’s website for all the various methods they use to keep your passwords safe.
What keeps LastPass from getting hacked?
Hi Cheryl, here is a link to LastPass’s website which explains their various methods for keeping your passwords safe (https://lastpass.com/enterprise/security/). Hope that helps!
I’m new here and not familiar with your blog and what not, so don’t take this the wrong way: do you get any commission/kickback from LastPass for mentioning their app?
Your post was good (the Gimlet Media h/t piqued my interest), just curious if you are promoting this app over others for financial reasons (which is totally fine).
Thanks!
Hey there! So nice to have you here! Nope, I don’t get a kickback from LastPass, I just really like them. If ever I’m an affiliate with a company, I fully disclose it. Thrilled to have you here and hope you stick around!
Uh, how is LastPass protected so it can’t get hacked?
Hi Victoria, that’s a good question! You don’t want a password manager that doesn’t keep your passwords secure. Here is a link to LastPass’s website which explains their various methods for keeping your passwords safe (https://lastpass.com/enterprise/security/). Hope that helps!
Yes! I too started using LastPass. Today I am setting 20 min aside to see how many passwords I can change and store in LastPass… thanks for the reminder!