Broadband Tech → Security → Security > Keeping track of passwords, changing them, etc.

Keeping track of passwords, changing them, etc.

Every once in awhile, I'll receive an e-mail from a site that I log into (Yahoo, dslreports, etc.) about a security breach and my username and password being stolen. I'll always immediately change the password for that site, but it's often a password I use in dozens of locations. Instead of going and changing my password everywhere, I will typically only change it at the site that had the breach.

I know this is a poor response to a security breach, as my login and password are floating around somewhere. But what is a person to do who has been creating usernames on forums and other sites for 10-15 years? I'm toying with the idea of using an app like KeePassDroid on my phone to store all of my passwords and using a different password for each site, but I'm wondering if there is another practice that is easier to manage that anyone would recommend. Thoughts?
--
SSDTweaks.net - Optimizing your SSD for Windows - »ssdtweaks.net

I recommend LastPass.

Lastpass is great.

I agree with Last Pass.

Thanks all! Just set up LastPass. Going to use »www.random.org/passwords/ (unless someone has a better idea) to start replacing the passwords I use for all sites to unique passwords. Also using mypermissions.org to find out where I have login credentials.
--
SSDTweaks.net - Optimizing your SSD for Windows - »ssdtweaks.net

Lastpass has a pretty good random generator built in.

Do you really want to store the keys to your digital life in the cloud? Personally I have always used and will continue to use KeePass.

Couple of thoughts for LastPass...

Use an excellent master password. Mine is 20 characters long and I combine that with a 6 digit PIN from the Google Authenticator on my cell phone/tablet. The PIN changes every 30 seconds and makes the login process even safer.

Once your account is up and running, and everything is in LP, if you want an easy way to clean up the weak and duplicate passwords, run the Security Check on the left column of your LastPass Vault. It does not send your passwords anywhere, just runs a test against your local vault. I just ran mine and out of 236 entries, I have only a handful of duplicates (and those need to be.) A few sites have weak passwords but those too have limitations on how well they can be improved. Overall, I'm happy with the results. But it took a little bit of time to get there because I had some weaker things too.

As already mentioned, don't bother with random.org for password creation. Just use the one in LP. Since it's integrated in the app, it can create the new safe password and allow you to begin using it immediately.

Bottom line is that you can get things in order and be much better off than where you've been.