I have spent a lot of time thinking about, talking about, even writing about password management. I have been a big fan of using a scheme to create passwords. The thing is, I was not perfect in using a unique password for everywhere I went. Even though the base password I used was very good (17 upper, lower, numbers & symbols) it was still, occasionally, the same password.
I finally gave in and tried LastPass password manager. And I am hooked.
Here’s how it works. You download and install their application, which becomes a button in your browser. Installation looks at all the saves passwords in your browser and imports them, then offers to remove them from the browser for better security.
When you launch your browser you click a button to login to LastPass.
There’s a “Favorites” style option you can use to go to and automatically login to any site you have stored in the system.
When you visit a new site, LastPass is watching for form fields. If you login to a site, LastPass asks if you want it t remember the site for you. But here’s my favorite part – only AFTER you successfully login to the site!
If you’re setting up a new site, LastPass will generate a password for you. That’s why I don’t know any of my passwords anymore.
I have begun the process of making my passwords so entirely unique I don’t know most of them. I simply visit the site in question, login, go to the change password option, and have LastPass generate something random for me. When I need the password, LastPass populates the form for me. Once in a while it has an issue, but you can easily look and see what the password is so you can enter it yourself.
LastPass does a bunch of other stuff too. Secure notes, form filling, password sharing, synchronization… Wait, did I not mention synchronization? That’s one of the coolest features! When you setup these passwords on one system, then login to LastPass from another system, all of your passwords come to you, no work on your end.
To make that work on the iPad, you have to use the LastPass browser app. Hey, it’s not their fault, Apple is crazy about not letting anyone do anything to Safari on the iPad. If you want to synchronize to your phone (iPhone, Android, Blackberry) you’ll need to pony up for Premium. But don’t worry, Premium is only $12/yr. Not a big investment.
There is also an Enterprise version I will be test-driving soon. It has the ability to create “shared folders” of passwords for users to share. No more trying to remember the password for the company Twitter account, Bank account, etc. Very exciting for a tech company that needs unique login information for each client’s firewall, website, blog… You get the idea.