Friday, March 9, 2012

HELP! I have too many passwords!

Password overload. These days, that can become so serious that it borders on a medical disorder. Everyone has a password for their computer, for their email, for their phone, for Facebook, for company software, plus half a dozen other computer related things.
            Invariably, people will create shortcuts to avoid the stress of forgetting the important password on the morning it is needed. Many people just create a simple (and insecure) password, or there might be a sticky note on the monitor, or a note card under the mouse pad, or it may be the same password used for 15 different things. Each of these solutions displays a dangerous habit that can lead to numerous issues.  The Kardon Tech staff has observed these practices on multiple occasions, and we constantly encourage our clients to be more aware and careful.  It's interesting to see people scurry around the office hiding obvious hints and password 'clues' when we visit.  
           As compliance becomes the dangerous buzzword threatening fines and serious penalties for violations of health care and security laws, password security becomes even more important. Combined with the inherent issues with email itself, the above issues can spiral out of control leading to career altering issues like HIPAA violations and identity theft.
           The first step in keeping your passwords secure is to have a strong password. Don’t use your child’s first name, don’t use “password”, and don’t leave anything blank. Check out our previous blog on password security to get tips for designing strong passwords.
          The next step in password security is how they are stored. The longest and most complicated password in the world isn’t secure if it is written on a sticky note located on the side of the monitor. And, allowing your internet browser to remember all your passwords is nothing more than leaving your safe door open with all the valuables inside.
           In recent years, many different programs have come about providing password storage. If you make appropriate use of the right program, you can provide yourself added security while relieving a major headache seen in our technology savvy world. Check out available reviews at TopTen and TheHeatWeb.
           When looking through reviews and suggestions for personal accounts, it can be seen that there are dozens of available password managers. However, there were three password tools that consistently showed up on lists discussing the best available tools. The two free tools were LastPass and KeePass, as well as a paid version of RoboForm. Kardon Tech can help you set up something that works for your specific needs. Just give us a shout.
LastPass comes very highly recommended with top rankings from PCMag, PC World, and ZDNet. When first glance, there are not any features that stands out above and beyond any other program: single master password, automatic form filling, one click login, secure data, multiple browser support, secure notes for passwords. The listed features can be found in most password storage tools. The real positive is seen in browser support.
KeePass is highly rated within the open source community, but since it is a free open-source program, it may not have the publicity or recognition as some of the other programs. Also, it may not be the best option for recreational users. The feature set matches favorably to programs designed by a bigger company, but the usability is geared towards more advanced users and may discourage use by regular office workers.
RoboForm is the professional show. RoboForm Enterprise is designed for large companies and has the track record and infrastructure. Free trials, live demos, and a solutions team on top of a feature set that rivals the other options.
LastPass and RoboForm both provide very good browser support. There is, essentially, a password toolbar added to the relevant browsers. Both of these toolbars provide outstanding functionality without the need of an additional program being open (KeePass).
At first glance, both RoboForm and LastPass work efficiently, but the logins work differently when Internet Explorer opens. LastPass requires the user to login in to the password database upon opening Internet Explorer while RoboForm stays open to a user’s identity. There is a need for a manual log out or disabling of the RoboForm toolbar to remove functionality should someone else be using the computer a short time later.
Looking at the usability between the three mentioned programs, RoboForm and LastPass provide more integrated functionality and a better system for average users to understand and benefit from. There are constant reminders available and the programs provide one-click usability to constantly provide support and management without being obtrusive and controlling.
With the available options and the pricing considering the available features, LastPass looks to be above and beyond what someone would need in a password management tool.
The feature set of the free version is outstanding. And, the browser toolbar combined with simple things like auto-logout features make it comparable to a big company product like RoboForm. The integrated browsing also sets it apart from a light open-source program like KeePass which requires the secondary program to be available in the background.
Check out LastPass and make sure to implement it properly in your daily life. You will find that your mind isn’t as cluttered with passwords and you won’t need to second guess your security procedures concerning passwords.   Confused? Again, you can give Kardon Tech a call.

No comments:

Post a Comment