Most of us know by now to avoid using ‘Password123’, but the majority of the public may only use one decent password for lots of different sites.
While it’s good to have a strong password, it’s important to use a different one for each website, as data leaks happen. From Myspace to Linkedin, services get their data leaked and rarely report this to their users. This means that even if you have a decent password, it can get leaked online and people will use these passwords to login to your other services, such as online banking, cloud storage or emails.
Speaking on the Freelance Corner podcast, cyber crime detective Patrick said: “It’s certainly not just about stealing peoples’ passwords, although that’s actually has been, and will always be, a big part of this unfortunately. It allows gateways into the massive number of cyber crimes.
“Often [the victim’s] identity is used as well, so that people can commit other crimes under a false details, and/or potentially escape and evade capture under false identities.”
How to keep your passwords safe online
The solution to this is using a password manager to remember individual passwords, so that you aren’t using variations of one decent password on every website. Services tend to ask you to change your passwords every so often, but these password managers will auto-change and generate complex passwords for you. They will also be encrypted and put in for you, so you can login to services without remembering hundreds of passwords.
There are multiple apps that do this, depending on what you need and what experience you want. Here are my recommendations of the best free, paid, and easiest options.
Free choice: LastPass
LastPass offers the best overall free experience, with no limitations on the number of passwords you can store.
You can install LastPass on multiple devices, and it has well integrated extensions for all popular browsers and iOS devices.
Last Pass detects when a website asks for your login details, and automatically inputs them, which means you don’t have to remember all your different passwords.
It will also generate secure passwords for you, with an easy system to match the requirements of the platform you’re changing the password for.
Paid choice: Dashlane
Unlike LastPass, Dashlane is fairly restrictive with what you get for free, but this allows for the paid accounts to offer an abundance of premium features. Dashlane offers a virtual private network (VPN) and cloud storage at an incredibly competitive price. It costs $39.99 for a year’s subscription, which works out at around £30 for UK freelancers. Plus, there is a 30-day money back warranty, so you can try before you buy,
The VPN allows you to browse the web securely and to change the location you’re browsing from, enabling you to view a website with geolocation restrictions. It also stops your internet service provider from seeing where you’re browsing online.
Many freelancers use public Wi-Fi when working from cafes or co-working spaces. Patrick warns that freelancers should always use a VPN when accessing public Wi-Fi: “Without any exception, you simply just do not use a public Wi-Fi without a virtual private network. Even with a virtual private network. I would say, you should be very cautious as to the sensitivity of the activity you do.”
Dashlane also monitors the dark web for your information and alerts you if your stored details appear in a batch of stolen data. This is incredibly common and it’s unlikely that your information isn’t available on the dark web.
Although this comes at a price, Dashlane does offer the best security and extra features for anyone looking to protect themselves and make their life easier.
Easiest option: Your browser's password manager
The most popular browsers offer password storage options and generate passwords for you. However, this ease of use does come at the expense of security.
Although Windows or macOS will ask for your user password to view your saved passwords, you can actually reset your user password and get around this blockage. If you are tech savvy enough, you can look at the password section in Chrome and Inspect Element and reveal the password in plain text without having any previous information. This works on any browser, on any platform.
This option is the most convenient, and better than writing down passwords and trying to remember everything.
It’s likely your choice of browser already has a password generator and password storage feature, but while this does a decent job for user experience, it’s also far from secure.
To protect yourself against future leaks, ensure that you use a unique password for every site, whether this is generated from your browser or a premium password manager, as this is the safest way to keep your data in check. Along with a good master password and two factor authentication, this makes it near impossible for hackers to break and for leakers to attack.