and why you should use one.
A complete step by step tutorial.
Reading time 25 minutes.
TL;DR - Too long; didn't read
The Complete Step by Step Tutorial
Phishing scams are becoming more elaborate, there are more Data breaches happening everyday, Password Crackers are getting faster and smarter and this is making it easier for Hackers to force their way into more email accounts, websites, bank accounts and digital wallets.
If you’ve ever entered your details on a fake login page, had your password exposed in a data breach or had your email account hacked and ended up sending viruses to your whole address book, then I have some tips for you on how to harden your online security.
More accounts are getting hacked into.
What is a Data Breach?
A data breach occurs when confidential, private or sensitive information has been released into an unsecured environment. In other words, when unauthorized persons gain access to your confidential information.
This could be your credit card details, your email account username and password, your residential address, your bank pin, your private profile on social media or membership sites.
One exposed password can unlock many accounts.
A data breach can happen accidentally, like when you CC the wrong person in an email with a client’s sensitive data. Or as the result of a deliberate attack, either through phishing scams, ransomware or that coworker who thinks it’s hilarious to access your social media accounts on your work computer and post things while you’re at lunch.
Another common way your data can get breached, is when a website you have an account with gets hacked. Houzz (a $4 billion home improvement startup) suffered a data breach in early 2019 where a file containing some of their users data was obtained by an unauthorised third party.
Now, what if you used the same password at Houzz.com as you do for your email account or your online banking? Will you update and use different passwords on all the websites you go to and how are you going to remember these passwords?
We’ll get back to that in a second but first, let’s check if your data has been breached!
Have your credentials been compromised?
1. Check if you’ve been part of an online data breach.
Go to https://monitor.firefox.com/ and sign up with your primary email address, you can add more email addresses to monitor later.
Firefox Monitor uses the Have I Been Pwned API and data breach database to cross reference if your email accounts have been involved in any known data breaches.
Firefox monitor will also give you more details about the breaches in which your data was exposed, and what personal information was exposed.
If your email address appears in any breaches, it’s time to close down accounts you do not utilize anymore and to reset your passwords.
Here you can see the breaches one of my accounts has been involved in, and the details that were compromised.
Here is a summary of the email addresses being monitored and if my passwords have been exposed.
Upgrade your browser!
2. Download a modern web browser that supports a password manager.
A lot of security breaches are due to user negligence. I’m not victim blaming here, but you lock your doors at night, so let’s do the same for your digital assets.
For a web browser, I suggest one of these:
Download – https://www.google.com/chrome/
Chrome is the most widely used web browser with a 64% market share. It integrates nicely across your computer and mobile devices if you have a Google account. Although, It can be resource intensive if you browse like I do. Yes I need all 38 of those tabs open.
Google make the vast majority of their money through targeted advertising, so chrome will collect your browsing habits and some personal information from you.
Download – https://www.microsoft.com/en-za/windows/microsoft-edge
If you still use internet explorer then Edge is the browser you might be most comfortable upgrading to.
Download – https://www.opera.com/
Opera is a resource-friendly browser that focuses on using less of your PC and Internet resources. Many of its features are made to strip down resource usage, it includes a built in ad blocker and VPN, and it includes a handy quick launch sidebar for your chat apps.
Using a Password Manager
What is a Password Manager?
A password manager is a software application that stores and manages all the passwords you use for your various online accounts.
These passwords are stored in an encrypted format and can only be accessed through entering a master password.
The benefit of this is, you only need to remember 1 password, all your other passwords will be randomly generated strong passwords and the app will fill these in for you when you need to access your online accounts.
LastPass is a freemium password manager. What Freemium means is, you can use all the core functionality absolutely for free.
Or you can also sign up for a monthly subscription for some extended features like 1 GB of encrypted online file storage, emergency access and LastPass for desktop apps.
LastPass also offers Family and Business plans, making it easy to share passwords within your family or across your organisation. It has a browser extension for Chrome, Edge, Firefox, Safari and Opera, as well as Android and iPhone apps. So no matter what device or browser you use LastPass has you covered.
Comparison of free vs premium features.
LastPass Set Up
3. Setting up LastPass
In this tutorial, you will create a free personal account. You can upgrade to a family account or link it to a business account at a later stage if you ‘d like to.
Take note of the LastPass master password requirements.
Your new master password has to be a brand new password, not like any password you have used in the past, a password that has never been released in a data breach.
So, what makes a strong master password?
Your Password needs to be easy for you to remember but hard for someone else to guess.
2. So decide on a password and click sign up!
Your master password is the only password LastPass can’t remember for you, so write this down on a piece of paper and lock it in a safe.
Don’t worry Recovering your master password if you forget it is possible.
3. On the welcome screen click on “Install LastPass” to install the extension for your specific browser.
LastPass will detect which browser you are using and send you to the correct download page.
I’m installing it on Google Chrome, if you’d like to install it for a different browser you can see the available options here.
4. Enter your email and master password to activate the Lastpass browser extension. You can tell LastPass to remember your Email and Password, I suggest you only select this option on a private computer.
The ‘How LastPass Works‘ page has an overview of how LastPass can help you manage your passwords, and other important information
5. For a crash course on adding passwords to your LastPass Vault, click on the Icon for the account you want to link.
Log into the account.
A single password exposed in a data breach could put all your online accounts at risk. Tools like Firefox Monitor notify you when your security has been breached and a password manager like LastPass can improve your online security and increase your productivity by remembering and entering passwords for you.
For some more LastPass trips and tricks click here.
If there is anything I missed, let me know in the comments below.