Computerware Blog
You Absolutely Need a Password Manager in 2024
It doesn’t matter who you are; your age, your occupation, your employment status, your station in life—you need to make 2024 the year you get your cybersecurity hygiene in check. What we’re going to talk about today isn’t overkill, overly complicated, or expensive. This isn’t us trying to sell you on something. In fact, this is probably the easiest New Year's Resolution you can give yourself.
First, let me start with a really quick story.
IT Technicians are Always the Family Tech Support Around the Holidays
This isn’t personally my story, but that of another IT technician. For the sake of the story, we’ll say his name is John.
Both of John’s parents are retired. They spend a lot of time together watching television and John has always helped them out by setting up streaming services like Netflix and Hulu. The television his parents had was a few years old—it still worked, but for some reason, it stopped supporting Hulu, Disney+, and a few other services. It’s such an annoying problem, and over the years, John had tried getting his parents Fire Sticks and Chromecasts and other things that would let them watch the shows they wanted to watch.
Over Thanksgiving, John brought the kids over, and his parents claimed that they couldn’t watch Disney+. John, who had set up an Amazon Firestick on the TV so they could, asked them why not?
As it turns out, his parents were still paying for the service, but never figured out how to switch the TV inputs from cable to the Firestick, and just sort of assumed it didn’t work. Granted, this older TV wasn’t helping the situation; it was slow and overly complicated to get around, there were too many remotes, it was a big mess. John ordered his parents a new television for Christmas that had everything built-in.
(This isn’t an advertisement or endorsement for this brand of TV, but we’ve found the TCL TVs that have Roku built right in are REALLY reliable, especially for non-technical people, in case you are wondering.)
So Christmas comes, and John is setting up the television for his parents and helping them make a Roku account, and logging them into their streaming services.
John asks his mother for each password, and each account is using the same password, and it’s the mother’s maiden name plus the year she was born, with an exclamation mark at the end.
John stops what he’s doing and says, “Listen mom, that’s not a very secure password, and you are using it for three different services?”
His mother replies, “Oh it’s not like Netflix and Hulu know I’m using the same password.”
John says, “Mom, that’s not the point, if one of those accounts gets compromised, other people can get into your other stuff too.”
Mom: “I don’t know anybody who knows my maiden name, and besides, it’s just Netflix. What are they going to do, watch my programs?”
This is a Dangerous Attitude to Have in 2024
Not to put down “John’s” parents. They aren’t exactly as plugged in as most of us have to be, but this way of thinking isn’t exclusive to those of us who don’t work on computers for 9 hours a day. Even so, I think a lot of people fall into this trap simply because they are too busy or preoccupied to truly think about their own cybersecurity hygiene.
It turns out that younger generations are reported as being more likely to fall for scams and cybersecurity issues, but there is also evidence that older generations simply don’t report it when they do fall for something.
Either way, this is a problem that doesn’t really care who is targeted. Cybercriminals don’t know your name, age, gender, or job title based on an email account or stolen credentials. They likely don’t know where you are from, what you do, or how much money you have to lose based on stolen credentials—and they likely don’t even care.
When it comes to cybersecurity, you are just a statistic.
Your Personal 2024 Cybersecurity Resolution
I promised I’d make it easy for you, that this will be the easiest New Year's resolution you ever make for yourself. Ready?=
Get Yourself a Password Manager and Use It
You have a few options, including Keeper, Dashlane, 1Password, EnPass, Zoho Vault, and Keepass.
Here’s the thing; these password managers above are all enterprise-grade solutions. That’s a great thing when it comes to personal security too. You might think that this is overkill, but these days, having the extra protections in place just makes sense.
The biggest benefit, however, is that if you use these services in your business, you can usually get personal plans for each staff member. Keeper, for instance, costs a few dollars per user per month, but it also gives that user access to a family plan so they can secure themselves personally and give a license out to their spouse. This is a testament to just how important these organizations think cybersecurity hygiene is.
We can help you determine the best password manager for your business—you’ll just need to call us and we can help you determine what would be the best fit, but for your personal life, any of these solutions should work great, and only cost a small yearly fee in most cases.
Once you choose a password manager, make an account, give it a strong, secure, totally unique password that doesn’t include any personal information like birthdays, pet names, anniversaries, or anything like that. Then start putting all of your accounts into it.
“But Google Chrome Saves All My Passwords!”
While this is a nice feature of your web browser, it’s never going to be as secure as a legitimate password management tool. There have been plenty of cyberattacks reported where Google Chrome passwords were exploited. It’s simply not worth the risk.
In fact, after you get all of your passwords into your password manager, you’ll want to go into Google Chrome and tell it to forget all of your passwords.
You can do this by going into Settings > Privacy and Security and clicking Clear browsing data. Set the Time range to All time and make sure Passwords and other sign-in data is the only option selected. This will remove all stored passwords in Chrome. Obviously only do this when you are sure you’ve captured everything into your new password manager.
Change All Of Your Passwords Over the Next Few Months
This is a harder task. I did this for myself a year ago, and took a day off of work just to accomplish it. I went through every single account I have—there were over 300—and reset every single password to make it as secure and random as possible.
Make each account a unique password using the random password generator tool in your password manager. Sure, you won’t be able to memorize your Facebook password or your Netflix password, but that’s not your responsibility anymore. That’s why you have the password manager.
Password managers can help you become more secure. Most will warn you when you reuse passwords or do things that are lazy or sloppy, so it can help you be more accountable when it comes to your online security.
It doesn’t matter how connected you are, or how small of a target you think you might be; being secure is your responsibility.
If you need help setting up a password manager, don’t hesitate to give us a call at (703) 821-8200 to get started.
Comments