Apps and services to make your online passwords harder to crack
Security group SplashData recently revealed the 25 most commonly used passwords of 2015, and they're all terrible.
By 'terrible,' of course, we mean that they're laughably simplistic and easy to crack. The number one spot is occupied by '123456' for example, while number two is - you guessed it - 'password.'
Of course, we all have multiple passwords to remember, which (alongside simple laziness) is what leads to such sloppy decision making. There must be a better way to make strong passwords without risking locking yourself out of your chosen services.
Fortunately, a number of dedicated apps and web browser tools are providing such a service. Here's the lowdown on some of the ways to make better passwords.
First up, some tips on basic password good practice from Microsoft's Windows support page. According to the big M, you should ensure that your password is:
- At least eight characters long
- Does not contain user name, real name, or company name
- Does not contain a complete word
- Is significantly different from previous passwords
- Contains at least one uppercase letter, lowercase letter, number, and symbol
Of course, that only helps with security. It doesn't help with the whole memorisation thing. For that, you'll need to turn to one of the many password tools out there.
The best place to start is with your chosen web browser.
The world's most popular web browser has a built in password manager called Smart Lock for Passwords. This will remember your passwords for the sites and services you access through it, and autofill them when you sign in.
Ensure you're signed in to Chrome and set up your password on whatever service you're using. Chrome will automatically ask you if you want to save the password.
The good thing about this is that if you use an Android or iOS device with Chrome, this password memorisation will also sync to your device (and vice-versa).
Another thing you might find Chrome doing in this situation is suggesting an auto-generated password for you. These are random assortments of letters that are pretty much impossible to guess. Of course, they're also very hard to memorise, but Chrome has you covered on that count.
Related: Chromecast tips and tricks
If you're using a Mac or iOS device, then there's a fair chance you're using Apple's own Safari web browser. Fortunately, this too has an integrated password management tool called iCloud KeyChain.
Provided you're using a device that runs on iOS 7.0.3 or later or OS X Mavericks v10.9 or later, you're good to go. If you didn't opt to set KeyChain up when upgrading to one of these, then you can do so by going to Apple menu > System Preferences > iCloud in OS X or Settings > iCloud in iOS.
Once activated, on many occasions where you come to filling in a password on a website, KeyChain will offer to save the password you choose. It will also share these across to your other OS X and iOS devices, should you approve it.
Like Chrome, Safari will also provide and store a randomised suggestion that will prove all but impossible to crack, should you accept it.
Aside from these two leading web browsers, there are some great apps that can help you go even deeper and more secure with password management.
Related: El Capitan tips and tricks
1Password is a popular password manager with apps for Windows, OS X, Android, and iOS, and plugins for Chrome, Safari, Firefox, and Opera. It's often praised for its sharp, intuitive UI.
Like the aforementioned browser tools, 1Password remembers all your passwords securely, as well as other sensitive personal information like bank account details. It can also generate strong random passwords for you, should wish.
1Password also enables you to sync your auto-remembered passwords across to your mobile devices through dedicated apps.
Everything in your '1Password vault' is protected with a single master password, so you'll need to remember one password (hence the name) at least. But it's worth the effort - your vault of private details is protected by AES 256-bit encryption.
The benefit of using 1Password, or any other top third party password management service, of course, is that it will work across browsers and systems - handy if you have a Mac at home and a Windows system at work (or vice-versa).
It should also be noted that with 1Password, your vault of data is stored locally on your devices rather than in the cloud, unless you specifically specify that you want to sync to the cloud (via Dropbox or iCloud) in this way.
Another neat feature is that 1Password will actively search through your passwords and point out where you have weaknesses - whether through a poor password choice or a service that was recently breached.
1Password isn't as fully featured as the services to follow, but it works out cheaper over several years. It costs £18.99 for the Mac app and £7.99 if you want all of the features in the iOS app, but those are one-off fees rather than the ongoing yearly subscription fees that the other services charge you.
Related: Best Android Apps
LastPass is the daddy of password managers. It was one of the first really good examples to arrive on the scene, and so has built up a solid user base.
Because of that, its list of supported platforms is even stronger than 1Password. It includes Windows, OS X, and Linux on the desktop OS front, and iOS, Android, Windows Phone, and Blackberry on the smartphone OS front. It also offers plug-in support for Internet Explorer as well as Chrome, Firefox, Safari, and Opera.
Once again, it remembers your passwords for you and locks them behind a secure digital wall and a single password. That one password uses Google Authenticator for two-step authentication, with a number of alternatives also supported, and you can also employ your fingerprint if you have a TouchID-equipped iOS device.
Like 1Password, it also points out weak passwords and makes it easier and safer to change them. In fact, LastPass can even be set to automatically change your password if it detects that a particular service has been hacked. Now that's peace of mind.
Interestingly, LastPass also supports the use of physical devices such as USB sticks and YubiKeys for password authentication, which can be very useful in certain situations.
Unlike 1Password, you'll need to pay a subscription fee to get the full LastPass experience, including access to the mobile apps. This will set you back $12 (£8.45) per year.
Dashlane doesn't have quite the level of support of LastPass, with just Android, iOS, Windows, and Mac on the list. But it has its own appeal.
While it offers a similar service of remembering and generating new web passwords (the latter can be set to produce pronounceable words if you like), Dashlane does so through an incredibly attractive and intuitive UI.
It's also free when used on a single device, but you'll need to pay a pretty hefty $39.99 for the cross-platform syncing premium version.
Like LastPass, Dashlane uses Google Authenticator for two-factor authentication, and you can swap in Duo Mobile or Twilio Authy if you prefer. Also like LastPass, it allows for fingerprint authentication if you have a recent iPhone or iPad with the TouchID home button.
Another feature that both Dashlane and LastPass share is the ability to import your saved passwords from the aforementioned web browser systems, and then delete them from those browsers and deactivate future saves.
It might sound a little morbid, but Dashlane is also one of the password managers that features an Emergency Contacts feature. If anything fatal should happen to you, it can be set to provide access to specific passwords and personal details to pre-selected parties (such as a spouse or family member).
There are many other non-password-related LastPass features that we won't discuss here. Suffice to say if you want a comprehensive tool for making your online activities both safer and easier, it's right up there with LastPass on the feature count.
What's your password manager of choice? Let us know in the comment section below