Make Sure to Keep Those Passwords Safe… oh wait…

Again and again we preach about creating safe passwords.  We talk about how important it is to have good solid passwords, and a variety of them.  And when we say all that, we assume that those passwords aren’t easily accessible to others.  That may be a wrong assumption.

Some merchants are even trying to make money by offering products that to some may seem like a good idea, but in reality they could make users even more vulnerable of losing all their passwords.  Before we get into that, let’s talk about why the sudden password buzz this week.

Open Chrome and put chrome://settings/passwords into the browser and the list of passwords pops right up.  If you click show on the password it will show in plain text.  Go ahead and try it.  It will look like this image, only yours might have a list of passwords.

However, the truth is Firefox isn’t much better– go to Tools –> Options –> Security Tab, click Saved Passwords, click Show Passwords.  The big difference is that there is the option to put in a master password that needs to be entered in order to see the list of passwords.  Chrome’s security team doesn’t think offering a master password would add any true security.  And the security head, Justin Schuh, states, “We’ve also been repeatedly asked why we don’t just support a master password or something similar, even if we don’t believe it works. We’ve debated it over and over again, but the conclusion we always come to is that we don’t want to provide users with a false sense of security, and encourage risky behavior. We want to be very clear that when you grant someone access to your OS user account, that they can get at everything. Because in effect, that’s really what they get.”

Now if you want to make your passwords available to not just people you give your computer access to, but anyone in your house…

With this recent hype about keeping your passwords safe, some merchants are offering some “off the grid” solutions.  One of those solutions is The Personal Internet Address and Password Logbook , available on Amazon.  Another option, perhaps more secure because it’s metal and has a locking pen feature is this Metal Password Organizer.  The last, possibly most secure item in our list (only if you carry it with you), is the Login Locker.  For people who are going to write passwords down and keep them on sticky notes on their monitors, these actually might be good options.  But for security sake, as long as anyone else could gain access to them, they are not good ideas.  Just think if someone broke into your house, things are replaceable but do you want someone to have all that info?

Comedian Ellen Degeneres gives a suggestion to secure a similar item called Internet Password Minder.  You can see the video here.

You may be wondering what the solution is, since you know you should create complex passwords and you shouldn’t write them down.  Well, there are solutions.  The one solution is called LastPass.  It’s a secure password manager, available as a plugin for Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and Safari.  LastPass is a good option for anyone who is ready to throw out (shred) your password sticky notes.

Make sure your keeping creating solid, varied passwords and keep them safe!!

Note:  Eberly Systems has no connection with any of the products mentioned in this blog article.