Why EVERYBODY Needs a Password Manager

Published by Mikala on

Panicked woman with no password manager

I would like to share a little personal story with you.

A few months ago I logged in to my state government email account and one of the first things I saw was this:

From: Hilbert Condodina

Subject: mikala.grosse – cally

Those two lines were enough to make my blood freeze and stomach drop.

The email address was some random letters @outlook.com and I am still none the wiser as to who Hilbert Condodina is but guess what, Cally is my dog and I have re-used her name (followed by ever increasing numbers) as my main account password every time I have been prompted to change my password, ever since I joined the Department well over a decade ago.

The email went on to say that malware had been downloaded to my computer when I visited a porn site. Ever since it has recorded my keystrokes and passwords (their knowledge of Cally as their proof) and that my web cam had been used to film me in compromising situations yadda yadda yadda, will send to 5 friends including your boss and post on the internet if you don’t transfer X amount in bitcoin to this account within 5 days. 

Fortunately, my blood pressure lowered the further I read because:

  1. Our IT Department has excellent security protocols
  2. I don’t have a webcam on my work computer
  3. I don’t visit porn sites, and while I have never tested this theory I am guessing our filters would block that kind of content anyway
  4. I only used Cally as a password for my work account, out of habit (or potentially laziness) – all of my other passwords: personal, family, business, clients, are all tucked up safely in my Password Manager application – and fortunately I was a lot more strategic with that master password!

How are you feeling after reading that? Are you breathing a sigh of relief along with me or have you broken out into a cold sweat at the realisation that this very same scenario could happen to you?

Just for interest’s sake, as a business owner, here is another scenario for you to consider:

Imagine for a moment that someone hacked into your business email account and spammed every single one of your customers and colleagues with inappropriate images – courtesy of your email address. Not only will this cause embarrassment to you and some of your unsuspecting victims, but thankfully some spam filters will catch these before they hit their intended inboxes. 

Woohoo -crisis averted!!! 

Or not. 

Guess where all your future emails to this domain are going to end up… Yep, spam folders and I’m not even going to begin to talk about how damn near impossible it is to get yourself “un-blacklisted”!

Now I know all this – hell I even wrote that second scenario over a year ago, but I still didn’t change my departmental password hence I made myself an easy target.

Passwords need to be strong and unique. Weak passwords containing personal information, predictable words and sequential numbers are easy for hackers to crack – there even exists automated software to can guess thousands of passwords per second!

Don’t be complacent – do something about it RIGHT NOW!!!

I use LastPass but you don’t have to take my word for it, here is a great article that gives you more information on a range of Password Managers so you can make your own decision.

If you are interested in LastPass, here are the reasons why I recommend it…

  • There is a free option so you can try before you buy
  • You only need to remember one (Master) password
  • You can access it via your browser and a mobile device app
  • It can generate and save secure passwords for new accounts
  • It identifies instances when you have used the same password on more than one site and assists you to easily update to a new more secure password.
  • The Google Chrome extension autofills your username and password when you visit a site, the iPhone app allows the same functionality when visiting websites on your phone.
  • You can organise and share your passwords with other users and choose whether or not they can actually view the password or if it remains hidden and can only be autofilled to login to an account. 
  • You have the ability to store secure notes such as your ATM pins, credit card details, addresses, licence details and more! 

I use LastPass Personal Premium, if you would like to try it out for a month free* you can check it out here.

P.S. Needless to say I have since removed Cally as my password, code word, security prompt anywhere and everywhere else she has ever appeared in relation to an online account or service and noted all of these changes in my password manager. I highly recommend you do the same!

*Disclaimer: I am an affiliate of Lastpass. If you sign up using the above link both you and I will receive one month of LastPass Premium for free. If you do not wish for this to happen, (absolutely no hard feelings) please instead sign up directly from their website where you will still receive one month access to LastPass Premium.