Here's the END of Weak Passwords
I am going to have to find a new pet peeve to write about when other topics fail to inspire me. My old standby, “weak passwords,” is now defunct. There is no longer any excuse for using a lame, easily guessed password like 'monkey' or '12345678.' None! Read on to learn why...
How to Generate Strong, Secure Passwords
You might think you've made up some pretty clever passwords, but the rules imposed by many online services actually make them less secure and more easily guessable. For some background on that, see my article Here's Why Your Password is Hackable.
Google put the first nail in weak passwords earlier this year. Apple, with its recent release of iOS 12, sealed the coffin airtight. The two mobile operating system leaders have independently (right, Mr. Cook?) implemented a security scheme that covers email, websites, desktop or mobile apps, and anything else that requires a password.
You no longer need to waste brain cycles to concoct a password, type it into a box, remember it or (Heaven forbid) write it down somewhere, lose or forget it, and go through the “reset password” ritual. In fact, you don’t even have to know what your password is!
You may remember that I've written about password managers for desktop and laptop computers. See Can This Robot Manage Your Passwords? and Dashlane's Free Automatic Password Changer. Those apps work great to automatically generate strong, secure passwords, but they make it difficult when you need to login to those apps or websites on a mobile device that doesn't have access to those stored passwords. Who can remember a random 24-digit password, and successfully enter it on a tiny smartphone keyboard?
But now, a virtually impregnable password is available to you on any mobile device, laptop, or desktop PC, and it doesn’t matter what operating system or browser your device uses. Here's the scoop:
Apple calls this miraculous feature “Password Autofill.” It’s been part of the Safari browser for years, automatically authenticating identities using FaceID, TouchID, or a PIN. It expanded beyond the browser in iOS 11. Now, with iOS 12, Password Autofill integrates with popular password management apps like Roboform, 1Password, LastPass, Keeper, and Dashlane. These and other password management apps are available to their users everywhere a password is required (except on a few apps that are slow to adopt this critical technology. We will see how the free market treats those lackadaisical developers.)
Google introduced third-party password manager integration back in April, 2018, with Android Oreo, allowing you to use your favorite password manager app for all logins. Apps such as LastPass, Dashlane, Keeper, or 1Password provide ways to generate long, highly randomized passwords that are very difficult and expensive to crack. They store those formidable passwords in equally hacker-resistant vaults out there in the cloud. They recognize when a password is needed, and they feed the right password to a mobile app or desktop website that is hungry for it.
No More Excuses for Hackable Passwords
Cost is no barrier; the free version of LastPass handles everything described above. It works on Windows, Mac, Linux, iPhone and Android devices. Supported browsers include Chrome, Firefox, Internet Explorer, Edge, Safari, and Opera. So you're covered across the spectrum of desktop, laptop and mobile logins.
The only hurdle to jump is the mountain of bad passwords that you have already used. You will have to change every one of them to a strong password generated and stored by LastPass or one of the other password managers. That’s a bit of work for you, but it’s got to be done for the good of everyone. Just change a few bad passwords per day, starting with critical accounts such as email, banks and medical sites. In a few days, you should be free of weak passwords.
You may be wondering if this helps if you have an older mobile device that's not running Android 8.0 or iOS 12. Yes, it does. You can still use a password manager app on your mobile device, even if it's not integrated with the operating system. For example, I use Roboform on my desktop computer to generate and store passwords. My old smartphone will never be upgraded to the latest version of Android, but I can still use the Roboform app on it to look up a stored password and manually enter it. A bit more work, but much more secure than using weak passwords.
You owe it to yourself and your family to secure your online accounts with strong passwords. Now that it’s so easy, there is absolutely no excuse to not do it. The only password you will need to remember is the master password that unlocks your password manager. Just please don’t make it “qwerty” or “password!”
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 1 Oct 2018
|For Fun: Buy Bob a Snickers.
[TIP] Windows Automatic Maintenance
The Top Twenty
New Tor Browser Is Surprisingly Polished
There's more reader feedback... See all 33 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Here's the END of Weak Passwords (Posted: 1 Oct 2018)
Copyright © 2005 - Bob Rankin - All Rights Reserved