Jan 31, 2014

Your 3 Tasks for "National Change Your Password Day"


Tomorrow, February 1st, is National Change Your Password Day (according to Gizmodo). We’re in full favor of any efforts to improve online security and spread awareness of the dangers of using the same passwords everywhere. So, it’s time to roll up your sleeves to make 3 positive changes for National Change Your Password Day:

1. Change the password of your primary email address.

The Yahoo attacks on January 30th show how critical this step is. Hackers attempted to use data from other breaches (such as the Adobe breach) to try to gain access to Yahoo email accounts, likely trying to leverage the email to access more critical accounts. Our email accounts are the keys to our digital world. Access to your primary email address could lead to the compromise of accounts like online banking or your online identity. That’s why it’s very important to keep your email address well-protected. With an unprecedented spree of hacks in 2013 and no signs of them slowing down in 2014, updating the password for your email address keeps you one step ahead. If you use the same password elsewhere, this is imperative. Follow our simple steps to generate a new one with LastPass.

Bonus task: Enable multifactor authentication for your email if you can.

2. Change your master password.

If you’ve been using the same master password for LastPass since 2009, time to update it. Over the years you may have logged in through friends’ computers, at hotel lobbies, at libraries, maybe at Internet cafes - any of these untrusted computers could have had malware or key logging software, putting your master password at risk. Check out our tips on creating a strong master password, and update it today by launching your LastPass vault from the LastPass icon, and open your “Settings” menu to enter a new one.

Bonus task: Enable multifactor authentication with LastPass.

3. Share this message!

You know about secure password management - but many people don’t. Please tell someone about using a password manager. Everyone should know that “improving their online security” is as easy as downloading a password manager like LastPass. With passwords centralized in one place (don’t store them in browsers!) and with a handy password generator to make unique, strong passwords, a password manager is the lazy way to rock your online life. What if those silly “bad password lists” were no longer a thing?

Well, it starts here, and you can be the change.

14 comments:

  1. I'd add enabling two-factor authentication to this list.

    ReplyDelete
    Replies
    1. Definitely - it counted as a "bonus task" in today's list :)

      Delete
    2. Actually it shouldn't be a bonus. It's essential to keep your data safe. We need an "enable/implement two factor day"!

      I would also like an optional warning message if I use a password more than X (user defined) days. It would not only raise awareness of long-time used passwords, it would also be easier to change passwords regularly.

      Delete
    3. Thanks for the suggestion, we do hope to add this feature!

      Delete
    4. Just started using Toopher with my LastPass! Best 2fa solution I have found so far. Not annoying to the user at all! Anyone using LastPass should give it a try... seems like they do 2fa right.

      Delete
    5. Glad you're liking it! Agree it's a pretty handy option.

      Delete
  2. I think i skip, i have 80 different passwords, and don't want to change everyone of them.

    ReplyDelete
    Replies
    1. Changing all of them at once can be daunting. That's why it's best to focus on the most important first - like your primary email address. Don't give up!

      Delete
  3. I love using the "Security Check" tool in LastPass to help me find my weak passwords and duplicates.

    ReplyDelete
    Replies
    1. We're glad to hear you're finding it so useful!

      Delete
  4. Just got burned by "Change your password". Kickstarter was hacked, so I did what I always do... generated a new password (had no idea what my old password was, because it was generated by LastPass). Unfortunately, when you generate the new password LastPass asks you if you want to update the password. Yes, of course. BUT, on the next page of the form it wanted to know my OLD password which was now overwritten. Fail. Unfortunately there seems to be no support link, and no page that describes how I might retrieve the former contents. Of course since LastPass changed my saved password, I can NO LONGER login.

    ReplyDelete
    Replies
    1. Sorry to hear of the trouble - we're aware of the problems with Kickstarter and are taking a look. In the meantime, you can open your LastPass Icon > My LastPass Vault > search for your Kickstarter login > Edit > click the "History" option next to the password field. You'll be able to view the password history, and look at the old one, and then type it into the actual Kickstarter form. If you're no longer able to complete that step, please use the recovery steps on Kickstarter: https://www.kickstarter.com/login and save the new password to LastPass. Let us know if we can be of further help: https://lastpass.com/supportticket.php

      Delete
  5. Intel and bunch of other major tech companies are doing a World Password Day on May 7. You guys should do a follow up article. passwordday.org

    ReplyDelete
  6. Just in case you have not figured it out, out of all the 365 days of the year this is the absolute worst day to change your password because of the hype around it it is is the day those trying to steal your new password are most likely to be trying to tap into your password change request. Change it soon but not today. Just my opinion, I could be wrong!

    ReplyDelete