Ok, here’s the thing. The world is full of stupid questions, eye-rollingly stupid questions. If people had an easily accessible brain in their head, perhaps the stupid questions wouldn’t flow like bourbon on Christmas Day. My entire life has been in search of the perfect balance of sarcasm that gets my point across but doesn’t insult the person it’s being fired against. I think I finally achieved that, just yesterday, during my daily lunchtime coffee run.
The conversation shifted to passwords and the amount of them we all are forced to remember. Being the computer geek that I am, I used this as an opportunity to plug LastPass, the superawesome password manager that has simplified my life in many ways. There’s a learning curve to it, a shift in thinking that fundamentally forces you to hit the orange reset button (old school computer reference) or the learning curve will run you over. For most that understand that you need passwords, and they’re not going away, learning to use a password manager isn’t too difficult. I had thought, sort of smugly, that my words had translated into yet another word-of-mouth sale of LastPass. Boy was I wrong.
Me: Once you get everything into LastPass, the only password you need to remember is the master DB password.
Them: Do you store that password in LastPass too?
Me: No. (red flag) The master password unlocks your encrypted password DB so you can get to the rest of your stored accounts.
Them: I have to remember another (rolled eyes) password?
Me: Uh, yeah, but it’s the last password you’ll ever need to remember.
Them: Cool, I can make it my standard password.
Me: Probably not a good idea, this is the one password that unlocks every other password you have stored. I’d suggest that you make it 20 character or longer.
Them: How will I ever remember THAT?
Me: Make it a passphrase with each word capitalized. An example could be “MyDogsNameIsRoverAndHeIsAGoldenRetriever1234”
Them: Does it really have to be THAT long? What about “masterpassword” with the s’s $’s and the o as a zero?
Me: Yes, it does, but you should just stick to your address book of usernames and passwords.
Them: How did you know that?
Me: (blank stare) Experience…..
The need for usernames and passwords, even with multi-factor and 2-factor authentication verification in place, isn’t going away anytime soon. Bio-metrics like fingerprints are still relatively new and not completely secure. Facial recognition has its problems too. We’re still a long way off from ditching passwords is what I’m saying here. Take some personal responsibility for your information because no one else will. My personal information was leaked in the Equifax breach, so was my wife’s, but I was not the least bit worried about my accounts. The password I use to secure my LastPass account is so long, I actually had to shorten it when I first set it up. The earlier password I used to use, a paltry 15 characters long, averaged about 275 years to crack with current software and technology. Yeah, not worried about my security.
A saying I remind people of all the time that holds true today as much as it did 20+ years ago:
It’s not IF, but WHEN you get compromised.
Words to live by in a world that is hell-bent on getting as much data on you as possible.