HeartBleed SSL flaw: Passwords Passwords and More Passwords; The Never Ending Amount of Passwords You Accumulate From Surfing The Web

Locks In a Box

Everyone has probably, by now, heard of the HeartBleed SSL flaw. This flaw has been driving IT people and consumers crazy all week. IT people had to patch it and consumers had to try to wrap their heads around the idea what it is. In a nut shell from what I have read; wait till the website updates and then change your passwords. IT people had to patch and then get a new certificate. All of these things are not easy.

It has brought more attention to security, the use of passwords and password managers. I have over 200 passwords to keep track of. What tools are good to help organize them?

I have used SplashID for many years. It is ultra simple. It is a separate app that runs on your and your computer and you enter the information in there. If you like you can download the mobile app and synchronize them. So you can take your passwords on the go. The app is basic and I just coincidentally was looking for an app that had more integration with the web browser.

The first one I looked at was OnePassword. Since I was using another tool I wanted to import my large database of passwords in OnePassword. The import cause me headaches because it made most of the passwords unusable as notes. The other problem was that  you can’t more passwords from notes to another category. Scanning the forums I found that many people were not happy with this limitation and this was a downgrade from the earlier version. Earlier versions allowed you to change categories. This limitation left me with no choice, but redo all the records. Ugh no way. I am not doing that.

The next password manager I looked at is (I am now still testing it) LastPass. I like the idea of this tool. It goes several steps further than the rest and lives within the web browser. Just about any web browser. It has great security such as two factor authentication and I can change the categories. There is even a security checker that will go though your passwords and recommend you on the password strength and if that site was hacked and you should change your password. It has form fill in integration where it will enter my password for me. This is great as it should know the passwords better than I do. If you are and you should be using complex passwords it is a life saver when it autofills for you. There is not all joy here. I have had one or two glitches. One, it does not  always do the right thing when it autofills a form. I noticed that it sometimes will use my username twice instead of once and then the password. It has a feature where it realizes that you are changing your password and will update, but this has some flaws. Sometimes it creates duplicate records.

All in all none of these are perfect. So far LastPass balances out top be good for me for now. I suggest giving them a try to find one that works well with your work flow.

Photo credit: shannonpatrick17 / Foter / Creative Commons Attribution 2.0 Generic (CC BY 2.0)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s