Password Managers, what are they and why do you need one?

Man's hands using fingerprint scanning app on cellphone screen
Picture of Steve van der Walt

Steve van der Walt

Reading time 25 minutes. 

TL:DR

A password manager will make you more secure on the internet.
Follow these 4 steps and increase your online security FOR FREE!

  1. Click this link and check if your data has been breached – https://monitor.firefox.com/
  2. Get a Web Browser that supports extensions – Click for browser suggestions.
  3. Get LastPasshttps://www.lastpass.com/ 
  4. Add Multi-Factor-Authentication to your LastPass Account

Intro

Phishing scams are becoming more elaborate, there are more Data breaches happening everyday, Password Crackers are getting faster and smarter, and all of this is making it easier for Hackers to force their way into emails, websites, bank accounts and digital wallets.

If you’ve ever entered your details on a fake login page, had your password exposed in a data breach or had your email account hacked and ended up sending viruses to your whole address book, then I have some tips for you on how to harden your online security. 

What is a Data Breach?

A data breach occurs when confidential, private or sensitive information has been released into an unsecured environment. In other words, when unauthorised ‘sources’ gain access to your confidential information.

Examples include, your credit card details, your email account username and password, your residential address, your bank pin, your private profile on social media or membership sites.

One exposed password can unlock many accounts.

A data breach can happen accidentally, like when you CC the wrong person in an email with a client’s sensitive data. Or as the result of a deliberate attack, either through phishing scams, ransomware or that coworker who thinks it’s hilarious to to post on your social media accounts you’re at lunch.

Another common way your data can get breached, is when a website you have an account with gets hacked. Houzz (a $4 billion home improvement startup) suffered a data breach in early 2019 where a file containing some of their users data was obtained by an unauthorised third party.

Now, what if you used the same password at Houzz.com as you do for your email account or your online banking? Will you update and use different passwords on all the websites you go to and how are you going to remember these passwords?

We’ll get back to that in a second but first, let’s check if your data has been breached!

Have your credentials been compromised?

Check if your data was breached

Go to https://monitor.firefox.com/ and sign up with your primary email address, you can add more email addresses to monitor later.

Firefox Monitor uses the Have I Been Pwned API and data breach database to cross reference if your email accounts have been involved in any known data breaches.

Firefox monitor will also give you more details about the breaches in which your data was exposed, and what personal information was exposed.

If your email address appears in any breaches, it’s time to close down accounts you don’t use anymore and to reset your passwords!

Here you can see the breaches one of my accounts has been involved in, and the details that were compromised.

Here is a summary of the email addresses being monitored and if my passwords have been exposed.
Firefox Monitor Breach Summary

Upgrade your browser!

Download a modern web browser

…that supports extensions.

A lot of security breaches are due to user negligence. You lock your doors at night, so let’s do the same for your digital assets.

For a web browser, we suggest one of these:

Google Chrome

Download https://www.google.com/chrome/

Chrome is the most widely used web browser with a 64% market share. It integrates nicely across your computer and mobile devices if you have a Google account. Although, It can be resource intensive if you browse like I do. Yes I need all 38 of those tabs open.

Google make the vast majority of their money through targeted advertising, so chrome will collect your browsing habits and some personal information from you.

Microsoft Edge

Downloadhttps://www.microsoft.com/en-za/windows/microsoft-edge

If you still use internet explorer then Edge is the browser you might be most comfortable upgrading to. 

Mozilla Firefox

Download https://www.mozilla.org/en-US/firefox/new/

Firefox takes your privacy seriously, it comes with ad blocking and privacy features built into the browser, it supports browser extensions and the Mozilla foundation fund a lot of internet literacy and privacy initiatives.

Opera

Download https://www.opera.com/

Opera is a resource-friendly browser that focuses on using less of your PC and Internet resources. Many of its features are made to strip down resource usage, it includes a built in ad blocker and VPN, and it includes a handy quick launch sidebar for your chat apps.

Use a Password Manager

What is a Password Manager?

A password manager is a software application that stores and manages all the passwords you use for your various online accounts.

These passwords are stored in an encrypted format and can only be accessed by entering a master password.

The benefit of this is, you only need to remember 1 password, all your other passwords will be randomly generated strong passwords and the app will fill these in for you when you need to access your online accounts.

One password manager we recommend is LastPass

LastPass is a freemium password manager. Freemium means you can use all the core functionality absolutely for free.

Or you can also sign up for a monthly subscription for some extended features like 1 GB of encrypted online file storage, emergency access and LastPass for desktop apps.

LastPass also offers Family and Business plans, making it easy to share passwords within your family or across your organization. It has a browser extension for Chrome, Edge, Firefox, Safari, and Opera, as well as Android and iPhone apps. So no matter what device or browser you use LastPass has you covered.

Comparison of free vs premium features.

LastPass Set-Up

Set up LastPass

1. Go to LastPass.com

and click on the “Get LastPass Free” button.


In this tutorial, you will create a free personal account. You can upgrade to a family account or link it to a business account at a later stage if you ‘d like to.

The LastPass Account Creation Form

Take note of the LastPass master password requirements.

Your new master password has to be a brand new password, different from any password you have used in the past.

You will only use this password for LastPass so it is important to use something unique.

So, what makes a strong master password?
https://xkcd.com/936/
Your Password needs to be easy for you to remember but hard for someone else to guess.

2. Decide on a password and sign up!

Your master password is the only password LastPass can’t remember for you, so write this down on a piece of paper and lock it in a safe.

Don’t worry, you can recover your master password if you forget it.

3. Install LastPass

On the welcome screen click on “Install LastPass” to install the extension for your specific browser.

LastPass Welcome Screen
LastPass Welcome Screen

LastPass will detect which browser you are using and send you to the correct download page.

I’m installing it on Google Chrome, if you’d like to install it for a different browser you can see the available options here.

LastPass on the Chrome web store

You will be prompted to add LastPass to Chrome, and it will list all the permissions you are granting the extension.

Always check what permissions you are giving extensions and apps when you install them!

LastPass permissions

If you see Chrome downloading a file with a strange looking name immediately after clicking on “add extension”, don’t be alarmed that’s the extention being added to your browser

You can now log into your LastPass account by clicking on the extension icon in your browser menu.

4. Activate LastPass

Enter your email and master password to activate the Lastpass browser extension. You can tell LastPass to remember your Email and Password, I suggest you only select this option on a private computer.

The ‘How LastPass Works‘ page has an overview of how LastPass can help you manage your passwords, and other important information

5. Save a Password

For a crash course on adding passwords to your LastPass Vault, go back to the ‘LastPass Works’ and click on the icon for the account you want to link.

Log into the account.

6. Adding Passwords

Once you have logged into an account, LastPass will prompt you to add the site to LastPass.

Every time you log into a new site, LastPass will ask if it should add those login credentials to LastPass. After a site is added to your Vault, LastPass will fill in the login details for you next time you want to log into that account.

7. Go to your Vault

8. Do the introductory tutorials

At the top of the LastPass Vault page you should see some introductory tutorials, follow along with these to get the most out of LastPass.

Summary

A single password exposed in a data breach could put all your online accounts at risk. Tools like Firefox Monitor notify you when your security has been breached and a password manager like LastPass can improve your online security and increase your productivity by remembering and entering passwords for you.

You can increase your security even more with Multi-Factor-Authentication learn how here.

For some more LastPass trips and tricks click here.

Who wrote this?

More from our blog: