Account Security

Security: Issue

After having accounts like Twitter, Facebook, Hotmail and Google, hacked I decided it was time for me to take my account security a little more seriously. I had a single 6-character lower-case password that I used for all of my sites that were not related to finances and a 8-character mixed-case password for financial institutions. I'm really surprised I was not hacked more often.

If you really want to keep your accounts secure, it can be very hard. A different 12-character, mixed-cased password for every web-site with letters, numbers and special characters used. If you only visit 2-4 websites you could possible remember long crazy passwords like g$k,a4yOR/3t; several dozen different websites however is another story. Even if you can remember them all, re-typing them is a royal pain to do.

Security: Solution

There are several solutions online that you can use, such as Last Pass and 1Password, or even platform specific tools like Apple's Keychain. All of which synchronize across OS X, iPhone, iPad and iPod Touch. Last Pass and 1Password have the added ability of synching to your Windows machines as well. Since I use both OS X and Windows 7, I decided to use 1Password. I had looked at Last Pass but it didn't seem as elegant as 1Password was nor had I heard very much about it. All of the podcasts that I listened to at the time were sponsering 1Password, so I took the bait and bought it.

It was an excellent solution for the longest time, until they released 1Password 4 which really screwed things up for me. I used to synchronize through Dropbox, and for some reason the latest itteration of this software managed to mess that up. When I sync to dropbox, it doesn't send the lastest changes over to my device sometimes like it should and my Windows version of 1Password refuses to open the dropbox file. It tells me there is an issue with the file and that I have to fix it using the OS X version of 1Password.

While it has it's bugs, it is still my go to tool for password synching and generation. Every website I visit has a different account password now. That increases the security of my digital content by a huge amount. In the event that someone hacks Sony's Playstation Network servers again, they won't have the same password that I use to sign in to my banking institution.

Regardless if you use Last Pass, 1Password or Apple Keychains, I encourage everyone to use some form of password generation for their login credentials. Generating a strong password isn't enough though, you need to create it and use it once. Reusing the same password across multiple sites opens you up to some real security concerns if someone ever figured out the password.