Join my exclusive Dead Drop Digest with the most popular spy stories, tips, & tricks.

Breaking news

A Russia-linked cyber-espionage group has hacked into the controls of more What is metadata, how is it used and why is it important? When we interact over more Mass surveillance is the subjection of a population or significant component of more There’s a good chance you were affected by the Equifax hack of 143 million more Facebook has the ability to spy on users in their homes and offices because more

Why you should be using a password manager

Every few weeks, we hear the news that another major website has been hacked. Often these hacks mean your personal information has also been compromised. In this post, we cover the important reasons for why you should use a password manager to protect your online identity, and how to get started with LastPass, a free password manager.

Passwords & Online Security Best Practices

Most websites rely on a simple login process for a user to gain access their account–a username and password.

As an online security best practice, you need to have long, complex and unique password for every web account you use.

Strong passwords need to be:

Long – The more characters in a password, the longer it would take a hacker to guess your password.

Complex – By adding additional characters to your password you add complexity or password entropy. Password entropy is a measurement of how unpredictable a password is, based on the character set used (a combination of lowercase, uppercase, numbers and symbols) as well as password length. Basically, your password needs to be something you could never pronounce.

Unique – You need a different password for every web account you use. Yep, that’s right. Every login on every website needs to be unique and never reused.

Unfortunately, in the real world, meeting all three criteria for strong passwords is basically impossible without the use of a password manager.

Why Use a Password Manager? The Nightmare Scenario

So why is having a long, complex, unique password important for your website?

If you use the same email address and passwords for multiple websites that you log into, what happens when one of those websites gets hacked?

Your email address and password is now on a list that will be used to try to log into other websites around the internet. If you use the same email address and password for all your websites, now the hacker will be able to log into all your accounts at once.

Once your password has been compromised, you now have the challenge of updating your information individually on every single website that has the same login information. Do you even remember them all? If you use the same email and password again on each one, you’re probably going to have to repeat this process again in the future.

Don’t Use Common Passwords

Here’s Keeper Security’s list of the most common passwords of 2016. Do you recognize any of them?

1. 123456 10. 987654321 19. 555555
2. 123456789 11. qwertyuiop 20. 3rjs1la7qe
3. qwerty 12. mynoob 21. google
4. 12345678 13. 123321 22. 1q2w3e4r5t
5. 111111 14. 666666 23. 123qwe
6. 1234567890 15. 18atcskd2w 24. zxcvbnm
7. 1234567 16. 7777777 25. 1q2w3e
8. password 17. 1q2w3e4r
9. 123123 18. 654321

Password Managers vs. Browser Password Storage

Note: While most major web browsers today will offer to remember your passwords and fill them in automatically for you, this is for convenience and not security.

A Password Manager such as LastPass not only remembers your login information, but also helps you generate long, complex passwords and stores them and other information securely.

LastPass vs. Other Password Managers

There are several excellent options for Password Managers available:




Ultimately, using any one of these password managers is a good choice, but we recommend LastPass because it offers the most value in free vs. paid features.

Getting Started with LastPass

In this next section, we’ll cover how to get started with LastPass.

Creating an Account

Click the Get LastPass Free button in the header at

Walk through the steps to create your account.

Your LastPass Master Password

The most important part of this process is creating your master password.

This password is the master key to all the other passwords in your account.

It’s the only one you need to know, so make it memorable but secure.

Example: Al@b@m@Cr!ms0nT!d3 (and, no that’s not my real password ?)

All your information is encrypted based this Master Password. Not even LastPass can access your info without it – so don’t lose it!

Note: It’s a good idea to enable two-factor authentication for your LastPass master password.

Setting Up the Browser Extension

At the beginning of the account setup process, you will also set up your software (or go here to download the LastPass software


Download and install the Universal Installer for your operating system which will set up the app and extensions for every web browser you have installed.

The LastPass icon should appear on your browser next to the search bar

Once you log in, LastPass is now ready to save new logins.

Importing Existing Passwords

If you’ve been using your browser to store passwords, you can usually import them into LastPass without a problem.


Click the LastPass icon in your browser and choose Account Options.

Then click Advanced and then Import.

You should see an importer for your browser that will step you through the process.

Be sure to turn off saved passwords on your browser when you’ve finished the import because you’re using LastPass for this job from here forward.

If you’re not sure how to do this, just Google something like Turn off password saving in Chrome

Note: if you’re a Mac user, Keychain passwords can’t be directly imported due to the security Keychain uses to store data.

How to Add and Save Sites

Adding Sites Automatically

Whenever you log into a website that is not yet saved in LastPass, it will prompt you with a request to add the site to your LastPass Vault.

Click Add and your login will be saved for future use.

Creating an Account on a New Website

When you create a new account, LastPass recognizes this process and will prompt you to store the information.

On most sites, you should be able to pre-fill information you’ve stored as a Form Fill (see below).

You should also be able to generate a random password by clicking the circular arrow icon in the Password field and click Generate and Fill. This should fill the password and confirm password fields.

Adding Sites Manually

You can add a site manually by clicking the LastPass browser icon

Select Sites then Add Items and then select Password to open a window where you can enter your login information.

This is particularly useful to save websites with nonstandard login code that is not recognized by LastPass’ automatic saving system. This does happen from time to time.

Pre-Filling Website Logins

Once a website is stored in LastPass, when you visit that site again and attempt to log in, you will see the gray LastPass 3-dot icon in the username and password field.

Click the icon and select your login to prefill the login form.

Note: in cases where you have more than one login for a website saved, you will see a number on the LastPass icon indicating how many logins for that site exist in your Vault. Click the icon and select which login you’d like to use.

The LastPass Vault

Your vault is where all your secure items are accessed, including website logins, form fills, and secure notes. Access the vault by clicking the LastPass icon in your browser and choosing Open My Vault.

What you should know about the LastPass vault:

Add sites and secure notes by clicking the (+) icon at the bottom right

Search and sort logins into folders easily

Access your Form Fills

How to Fill a Form

Set Up Form Filling

From the LastPass Vault click Addresses in the left menu and set up your information.

Do the same for Payment Cards and Bank Accounts from within the Vault.

You will be able to select saved information when you fill a form on a webpage.

Filling a Form Automatically

Once your information is set up in the Form Fills area, LastPass will place a form filling icon (looks like an ID card) at the top of any web form it can fill.

Click that icon and your form will be automatically filled with the information in your vault.

Note: LastPass may notice information you fill manually and offer to add it to your Form Fill information so you don’t have to manually fill it next time.

5 Nifty Things You Can Do Once You Set Up LastPass

1. Generate a Strong Password

If you have a need to generate a strong password, just click the LastPass icon in your browser and Generate Secure Password.

Note, you can set the password length and what kinds of characters are allowed (which is helpful on some sites that inexplicably don’t allow special characters)

2. Take the Security Challenge

Once you’ve used LastPass for a while and have stored a number of logins, open your Vault and click on the Security Challenge.

This process evaluates your password strength, checks for known compromises and allows you to automatically change your passwords for many popular sites. Running this process from time to time is a good practice.

3. Start Using Notes

Secure notes allow you to save information other than website logins securely in your LastPass Vault.

You can store driver’s license info, passports, etc. as text information and also upload attachments like photos for each one.

Since this information is accessible on a mobile device as well, this is an excellent way to make these kinds of information available anywhere securely.

To set up a Note, open your Vault and click Notes in the left menu.

4. Set Up Sharing

You can share some or all of your saved logins with other users by setting up Sharing in the LastPass Vault.


Open the Vault and click Sharing Center in the left menu.

Then set up a shared folder and invite users to access it.

Any site logins you add to that shared folder will be available to the users invited to that folder.

Note: shared passwords cannot be copied, only automatically filled by LastPass.

5. Set Up Emergency Access

What happens if I get hit by a bus? By giving trusted friends or family emergency access to your LastPass account, you can allow them to access your account after a pre-defined wait time.

In the LastPass Vault, click Emergency Access in the left menu.

6. Set Up Two-Factor Authentication for Your Master Password

As an added measure to a strong Master Password, you should really set up two-factor authentication by using LastPass’ own authenticator or one of several other industry standard two-factor authentication options.


To set up two-factor authentication, access your Vault, click Account Settings in the left menu, then choose the Multifactor Options tab at the top.

Select your preferred provider(s) and set it up.

LastPass Free vs. Premium

As you can see, LastPass Free has everything you need to securely store and fill passwords on a single kind of device (for example: a Mac computer, a PC Computer, an iPhone, an Android Phone).

But if you want to access LastPass on different kinds of devices, you will need to upgrade to LastPass Premium for $24/yr. LastPass also offers Business and Enterprise versions that focus on a single bank of passwords accessible by users.

Watch the Video: Getting Started with LastPass

In this webinar video, we walk through how to get started with LastPass, as well has how to take advantage of several of the great password manager features.







Tags: ,

No Comments

Leave a reply

Story Page