IT Handyman

Password manager?? I was hacked!


For a long time, I rejected the idea of a password manager, until I recently became the victim of a hacker who managed to change my Instagram password. To my surprise, my profile picture was replaced and I started to get follow notifications on my phone. I panicked and tried to log in to my account. However, the password had been changed and password recovery did not work. The email address had already been changed.

Why did this happen? Well, for fifteen years, I had been using the same two complex passwords for almost all my sites. At the time, I only had email and Yahoo, but now, with the flood of social websites, gaming websites, news sites and so on, having a complex password for each site is important.

So what can you do?

  1. You can write down each password in a notebook and refer to it. However, if you lose the notebook, you will lose access to all your sites.
  2. Or you can use a password manager.

What is a password manager?

  1. A password manager is a piece of software that can generate complex passwords for your websites. It remembers your websites and passwords and, with just a click of a button, helps you log in to those websites as well.
  2. There are two types of password managers available, online and offline. The online versions can sync across multiple devices and are managed via a web-based control panel. The offline version can only be used on one machine, and if you want to use your passwords elsewhere, you need to carry the password database with you.

So which is better?

Well, it all depends on you. I use LastPass, a web-based password manager that allows me to sync passwords across multiple devices. There is also the LastPass app for the iPhone that allows me to access my passwords anywhere! One thing I like about LastPass is that I just need to remember one password, which is the master password that I set during initial setup. When I log in to Facebook or some other site, I just need to select the user ID that I use and LastPass will fill in the password for me automatically. It also warns me if I am reusing the same passwords for any sites and offers to change them for me.

If you are not like me and would like more control and security, you can consider KeePass, which is an offline password manager. It has the same functionality as any other password manager, except that you will need to keep track of your password database file.

Both password managers are free and I suggest using one right now.

LastPass (free with a paid option; the free one is sufficient for most people)

KeePass (free)

You can also check out reviews of other password managers that are available out there.

But LastPass was a hacking victim!

Yes, they were, not once but TWICE! However, they quickly fixed the problem, and the data the hackers managed to steal was encrypted. Furthermore, users' master passwords are not stored on their servers. They have also updated their security to ensure that any future hacking attempts will remain futile even if any encrypted password hashes are stolen. I feel safer with LastPass because they have come back stronger each time, which makes me confident in their services. Any other website would have just shut their doors, but they did not.

Do comment below whether you are using a password manager or whether you were a hacking victim.
