Protect your information by using unique passwords for each website
In this day and age, the security of small, medium, and even large websites still falls short against simple attacks covered by the OWASP Top 10 vulnerabilities. Juggernaut sites fight off a swarm of hungry, mosquito-like hackers who want to steal their data.
Password managers offer peace of mind, stronger security, and a disconnect between the accounts you hold.
Data breaches have, sadly, become a common occurrence, with disclosure coming anywhere from years later to almost immediately. A visual of the size and amount of breaches can be seen here. You can check whether your email is tied to an account at a company whose data has been publicly leaked at haveibeenpwned.com, created by Troy Hunt, an information security specialist.
Using a unique password for each site prevents attackers from testing your password on popular sites. Smaller sites may store your password improperly: they might simply keep it in plaintext, or encrypt it in a way that can be easily reversed once attackers have breached the whole site. Even juggernauts like Yahoo were using a weak, outdated one-way (irreversible) hashing function called MD5. This allowed attackers to quickly recover passwords and try them on sites you are most likely to be on, such as Facebook and Google. Password reuse is common, and most of us have likely done it when we had no password manager or security awareness.
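To make the storage point concrete, here is an added example (not code from any site named above) that stores the same constructed accounts two ways: as fast, unsalted MD5 digests and as salted PBKDF2 digests. The account names, passwords, wordlist, and iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: two users of a hypothetical site picked the same password.
ACCOUNTS = {"alice": "sunshine1", "bob": "sunshine1", "carol": "T7#qv!Lw9z@Rk2"}
COMMON_PASSWORDS = ["123456", "password", "sunshine1"]  # constructed wordlist
ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256


def store_md5(password):
    """Weak storage: fast, unsalted MD5 digest."""
    return hashlib.md5(password.encode()).hexdigest()


def store_pbkdf2(password, salt=None):
    """Stronger storage: random per-user salt plus a deliberately slow hash."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_pbkdf2(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(store_pbkdf2(password, salt)[1], digest)


def matched_by_table(md5_records, wordlist):
    """Users whose unsalted MD5 digest appears in a table hashed once in advance."""
    table = {store_md5(word) for word in wordlist}
    return sorted(user for user, digest in md5_records.items() if digest in table)


if __name__ == "__main__":
    md5_db = {user: store_md5(pw) for user, pw in ACCOUNTS.items()}
    print("same MD5 for alice and bob:", md5_db["alice"] == md5_db["bob"])
    print("matched by one precomputed table:", matched_by_table(md5_db, COMMON_PASSWORDS))
    kdf_db = {user: store_pbkdf2(pw) for user, pw in ACCOUNTS.items()}
    print("same PBKDF2 digest for alice and bob:", kdf_db["alice"][1] == kdf_db["bob"][1])
    print("alice still verifies:", verify_pbkdf2("sunshine1", *kdf_db["alice"]))
```

With unsalted MD5, every account sharing a common password falls to the same precomputed table, while the salted digests differ per user and each guess costs the full iteration count. The long, unique password is not in the table either way, which is the habit a password manager makes practical.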
The really important security factor in password managers: Your Master Password
While a password manager reduces the security implications of reusing your password, you now protect all your passwords with one password. This greatly increases the target value of your master password, as it is the one ring to rule them all. Your master password should be long, unique, and complex, with as diverse a mix of numbers, letters, and special symbols as you can remember for a very long time. While changing your password often is a great security practice, it causes fatigue and may leave you with a weaker password than one that could be double or triple the complexity and length.
Password Manager Tips
Password managers offer a variety of features, such as two-factor authentication (2FA), offline-only storage, open source code, password sharing, and many more. Choose a password manager that meets your needs and has a reputation for fixing vulnerabilities quickly as they arise. Keeping your database offline is another great way to increase security, at the cost of convenience; you could also manage the database yourself, for example by syncing it with Dropbox or Syncthing. Self-hosting your database prevents it from being taken in a batch hosted by the password manager company in case of a breach. Enable 2FA on your password manager if you can, to add another layer of security: if an attacker guesses your password, they would still need something you have.
Password security is a huge step forward in protecting your privacy and safety on the internet. As big sites like Facebook and Google become integrated into a major portion of our lives, they hold information and power that could harm or offend others or yourself. Isolating and reducing your footprint of information between sites improves your own security and sanity when you find out that one of the sites you use had a breach.