Design your life to include more money, health and happiness with less stuff, space and energy.

Design your life to include more money, health and happiness with less stuff, space and energy.

The Last Password You’ll Ever Have to Remember

Securing your valuables looks a lot different in the digital age than it did in the analog one. You used to be able to stuff your gold doubloons in a chest, lock it up and you were all good. Nowadays, in order to have a truly safe existence–keeping your bank, credit card, email and other accounts safe from being hacked–you need to create many, complex passwords for every site you register with. It is very likely that one of the companies that you do business with will get hacked in the next few years. If you use different passwords, the fact that Crazy Bob’s Shack of Discount Fireworks got hacked won’t suddenly compromise your bank login.

But who has the time, the memory or the organizational capacity to keep track of so many passwords? Most of us just say screw it and use the same logins and passwords over and over again, hoping we’ll be spared when some cyber-attack hits.

An app called Lastpass has an elegant solution for those of us who are too lazy and disorganized to properly protect our online existences. Lastpass will save all of your passwords in a cloud vault and autofill your login and password info when you visit a website. The only password you’ll need to know is the master password to access to Lastpass. Lastpass is fundamentally a security company, so the password vault has some very interesting security. If you are into technology, you might want to read Is LastPass Secure?

lastpass-gen

Lastpass will import all of the insecure passwords you have stored on your keychain (I had a shocking 171). Through a Lastpass extension which works with most browsers, a form will appear that will autofill existing logins and also allow you to create new complex logins and passwords for new sites, which Lastpass will save. To make new passwords for old sites, you will have to go into settings and replace passwords with new, Lastpass ones (which are infinitely better than “Petname1”); this is a little labor intensive, and might require you to update a few passwords on your phone (email, Facebook, etc) but once it’s done, it’s done and you’re far safer for it. The free version will autofill logins and passwords on your computer and there is a mobile-ready premium version that sells for $12/year.

  • Linus

    Until Lastpass is hacked and ALL your passwords are stolen. It’s VERY easy to have a different password for every website and NOT have to remember a single the password. All you have to do is create a simple formula. For example: last two digits from your year of birth + first 3 characters of the website’s domain + 3 characters from your name in uppercase + one special character. So, for Life Edited my password might be something like 86lifLIN! and for Amazon 86amaLIN! and for Facebook 86facLIN! – all three look like random strings and will create completely different encrypted hashes on the websites they are used. It’s not difficult to create your own formula using different combinations of the above or other known values.

    • That works until, and only until, the website forces you to change your password. Then what? You’ve already used your formula, and you start having to remember all of your exceptions.

      LastPass doesn’t have your passwords—they’re encrypted using a method that doesn’t give the company a key. Your passwords can only be obtained if *your LastPass account* is hacked because someone figured out your master password (which LastPass, again, does not have access to), or because you left a device logged in to the LastPass service and some gained access to the device.

      You have to be smart when you use any security-related tool or technique. The greatest point of vulnerability is always your own behavior. I’ve been using LastPass for three years and can’t think of a better way to protect and maintain my 300 sets of credentials.