Sorry, this is what I'm doing my next speech on for my speech class. It is a persuasive speech, by the way.
A password manager is the only way to go. I use the premium version of
LastPass with a
Yubikey for two factor authentication.
The next best is the just jam on the keyboard and save the results in an encrypted text file. The problem is if the only copy is on a USB drive you're just asking to be locked out of every account that is listed.
The best advise in the article is NEVER USE THE SAME PASSWORD TWICE. The problem is there is no way to remember all of the different passwords, plus user name, for the different sites. With the number of sites that get hacked your user name and password will probably be on one of them in any given year, if you have any real web usage. If you're lucky it will become public. If you're really lucky they salted and hashed the passwords. However, if they got hacked they may have stored your data in plain text and won't make it public they got hacked. Any site you use that password on will be compromised also.
Using a password manager such as
LastPass helps protect you from spoofed sites. If the link looks like PayPal, but isn't, LastPass won't be able to fill in your data because the site doesn't match anything in your password list.
A password manager can create and remember large complex passwords for many sites, easily. There are many more benefits, especially with LastPass. Such as one time use passwords, generate one, store it in your safe deposit box. If you die someone will have access to all of your password protected accounts, quickly and easily.
No, I don't make any money from LastPass, but I do think it is a great, and inexpensive product.
