New Year; New passwords

Welcome to 2020! It’s a fresh start to a new year and decade.

The new year brings time for new years’ resolutions and other goals you’d like to accomplish this year.

But for the topic of this article…The new year also a good time to change your passwords.

Are you secure?

Seriously… when was the last time you changed your password to your GMail? Or say your Facebook account (amid all the privacy issues with Facebook)? Do you have two-factor turned on your accounts like Dropbox, Instagram, Twitter, etc?

Well fortunately you can use a tool to save all your passwords. and accounts security. This article will shows you practical way to secure your online accounts.

Password Managers

These tools keep track of your passwords so that you don’t have to remember them all. Plus its good practice to have different complex passwords for each login.

What is it?

What is a password manager? Its a centralized secure location of your passwords. All you need to remember mostly is 1 (one) password to get into seeing your other passwords.

The most popular Password managers are the following:

  • LastPass
  • Dash-lane
  • 1Password

They all offer similar features and at decent costs.

I been using LastPass for over a decade now! And I use it literally everyday or multiple times a day

I chose LastPass because it was the cheapest and easiest and integrated with every kind of device. It also checks all the boxes from this PCMag articlewhich has impressive amount of great features.

It works well on your mobile phone and PC and browser extensions.

Two-Factor Authentication:

Why do you need two-factor?
In today’s world of phishing and email scams, your online accounts can be compromised easily. To make sure it’s you that is logging on two-factor (2FA) is an extra step to make sure.

I have turned on 2FA on everything possible, most online accounts now have 2FA support. You can set it up with sending you a 4–6 digit text to your phone after your enter your password. You can also use an app like Google Authenticator to store your token codes.

Managing Two-Factor

I also been using a 2FA app to manage my token codes called Authy. Its far superior to Google auth app is that it backups your codes so that you don’t have to redo the token codes if you get a new phone. Plus Authy supports more than one device and includes PC not just mobile.

Physical Key
You can be even more secure by using a physical security key like a Yubico key to authenticate, this is like a physical RSA but you push a button or fingerprint to authenticate.

The Fido keyis popular and wotkseith and USB PC device(USB C included)

I have the Google Titan security key which is similar to Fido but works similar. The advantage is that it also works on Bluetooth as well.

Where to start?

Here are the links to enable two factor for the most popular web applications: