If you missed it, Ars Technica’s Dan Goodin wrote a fascinating article this week on why passwords have never been weaker — and crackers have never been stronger. Goodin explains the importance of unique, generated passwords for all of your accounts, tackling concepts like hashing, dictionary attacks, rainbow tables, and salting. The main takeaways:
- Passwords are less secure than even a few years ago, thanks to advancements in hardware and password-cracking techniques, including the sheer speed at which they can be executed
- Hackers have created rules and algorithms to cut through our “clever password tricks”
- It’s critical to use a unique password for each site, and a password manager is the best way to achieve this
It’s stuff you’ve heard us say before, but the data he uses to back up the above provides a really convincing argument (if you have the time, the article is worth a read in its entirety).
With a password manager like LastPass, you’re well on your way to more proactively protecting your data – the security challenge can also help you identify weak and duplicate passwords, and the password generator can help you set long, unique passwords for each account. Data stored in LastPass is encrypted and decrypted locally, and is protected behind a whole lot of encryption technology, including salted hashes. But above and beyond that, LastPass is also staying far ahead of the threat landscape by implementing PBKDF2, which Goodin notes significantly increases the time and computation required to crack passwords.
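To make the salting and PBKDF2 points concrete, here is an added example (not LastPass code and not from Goodin's article) that compares one salted SHA-256 hash with a PBKDF2-HMAC-SHA256 derivation. The iteration count, function names, and sample passwords are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 100_000  # assumed work factor for illustration; not a figure from the post


def salted_sha256(password: str, salt: bytes) -> bytes:
    """One salted hash: the salt defeats rainbow tables, but each guess stays cheap."""
    return hashlib.sha256(salt + password.encode()).digest()


def pbkdf2_record(password: str, iterations: int = ITERATIONS) -> tuple[bytes, int, bytes]:
    """Derive a key with a fresh random salt; store salt and iteration count beside it."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, key


def pbkdf2_verify(password: str, record) -> bool:
    """Recompute with the stored salt and count, then compare in constant time."""
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, key)


def cost_ratio(iterations: int = ITERATIONS, rounds: int = 1000) -> float:
    """How many times more CPU time one PBKDF2 guess costs than one salted SHA-256 guess."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for _ in range(rounds):
        salted_sha256("constructed-sample-password", salt)
    single = (time.perf_counter() - start) / rounds
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"constructed-sample-password", salt, iterations)
    stretched = time.perf_counter() - start
    return stretched / single


if __name__ == "__main__":
    a = pbkdf2_record("constructed-sample-password")
    b = pbkdf2_record("constructed-sample-password")
    print("same password, different salts, different keys:", a[2] != b[2])
    print("correct password verifies:", pbkdf2_verify("constructed-sample-password", a))
    print("wrong password verifies:", pbkdf2_verify("Password1", a))
    print(f"one PBKDF2 guess costs about {cost_ratio():,.0f}x one salted SHA-256 guess")
```

The ratio printed on the last line is the slowdown applied to every guess against a stolen hash, while a legitimate login pays it only once.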
A few other articles this week that caught our eye:
- 38% of us would rather clean a toilet than think of a new password << Apparently this study also showed 38% would rather do house chores than create a new username or password. Good thing LastPass can do the dirty work for you!
- Can you trust your browser with your passwords? << An interesting look at the options available for Internet Explorer 9, Firefox 14, and Chrome 21 – looks like Firefox wins, but Geier cautions that prying eyes, malware, and a crashed hard drive are still major risks, so using a password manager is recommended.
- 9 things you absolutely must do to keep your online identity safe << Great tips from the folks at Gizmodo, although we’d go with “diversifying” your passwords over “fortifying” them. Unique, strong passwords on all accounts = the best way to recover when an account is compromised, and prevents the compromise of multiple accounts.
What caught your attention this week? Share in the comments below!
Enjoy the weekend,
The LastPass Team