Passwords are dangerous pains in the you-know-where. Our multiple online identities, all requiring unique passwords, can become overwhelming, so we cheat. We use similar passwords, creating variations on a theme: things we can remember, and that hackers love.
Every few months, we try, Halloween-like, to scare you into taking the sticky password note off your monitor, and every few months, we fail. Today's email shares our favorite easy fix – unique passwords managed by software called password managers.
We are a software development company, but we don't have a dog in the password management hunt. We'll gladly share what to look for in password management tools and mini-reviews of our favorites as software engineers. Password management tools help break dangerous password habits, but who are we kidding? Passwords still suck.
Passwords suck when someone steals yours. Last month, the use of P@ssw0rd as a password cost TransUnion South Africa $15M in ransomware.
Because credit cards (like chip cards) are harder to skim and steal, thieves take over accounts. Likewise, shared passwords help hackers move in and take over. For example, if the OKTA or UBISOFT breach exposed the password you use to pay Ubisoft, then thieves can target your bank accounts.
Strong passwords are random, long, and use variations (capital letters, all those symbols above the numbers on your keyboard). But there's a problem. No one can remember long random passwords. There is a reason phone numbers are seven digits – seven is a magical memory number.
"Countless psychological experiments have shown that, on average, the longest sequence a normal person can recall on the fly contains about seven items. This limit, which psychologists dubbed the 'magical number seven' when they discovered it in the 1950s, is the typical capacity of the brain's working memory." (Brain Memory Magic Number, ABC News)
Strong, long, random passwords may be hackable given enough computing power and time, but why bother? Think like a thief for a minute. When millions of easy-to-decode, variations-on-a-theme passwords swim around, why work on cracking long or random keys?
We need long random passwords, so we need a password manager. Here's what to look for when selecting one – it must:
Don't be confused by Google's Duo Voice. Cisco's Duo is the one you want. Cisco's Duo is not just a recommended criterion; it should be a business requirement!
Multi-factor Authentication (MFA) requires two or more checks to gain access. For example, when a bank sends a one-time password to your phone after you enter your login and password, you are using multi-factor authentication.
MFA uses three types of additional information.
1Password is our favorite password manager, though LastPass is a close second. 1Password works great for small teams. At WTE Solutions, some things need shared access while other systems need MFA. We like how 1Password provides a list of personal and company sites. It doesn't hurt that geeks like us created that 1Password tech.
We admire and share 1Password’s mission!