Consider this your mid-week motivation—here we’ll be sharing a new smarter secret from our authors, the people who you learn from and who inspire you to push the limits of your potential. So, with World Password Day coming up, we asked: How do you stay secure beyond strong passwords?
I use a password manager to ensure I’m not using the same easy-to-remember password everywhere. I happen to use LastPass which, when I made the choice, was a 50/50 with 1Password. Now that I am able to use my cell phone at home (thanks only to WiFi calling, still too remote for cell service), I’m opting into 2FA with text message more and more. I still don’t feel like I do quite enough but getting to this point was a good first step for me! –Julie Lerman
I never "remember me" for anything secure or any site belonging to a client. I sign in every time. I never re-use passwords from site to site and I tell my people not to use passwords to my stuff as passwords to other people's stuff. I never click links in emails, and my mail client shows extensions on attachments, doesn't retrieve pictures automatically, and so on. Most phishing attempts are easy to spot if you take the time to look - they work because people just react automatically. So I keep myself out of "automatic" mode as much as I can. –Kate Gregory
Two words: Password Manager –Gail Shaw
Switching from homebrew password derivation schemes to 1Password is easily the biggest improvement to my online security. You don't know what you miss until you start using a password manager. –Sander Mak
I use two factor authentication for all services that support it via Google Authenticator, so Gmail, Evernote, Dropbox, LastPass and more. –Cory House
I use random passwords for sites, especially shady ones that can't afford an SSL certificate. If they ever ask for an address or an email ID, abuse the fact that Gmail is dot blind (for example - I would register for evilcorp.com with [email protected] and store that in a database.) This way, even if you start getting spam, you just have to check the 'to' section, and map it to the company that you gave the address to and bam - that's another dirty site that sells your data.
I also wipe my system every month or so which keeps things working nice and clean and helps remove any low-effort malware that I might not have picked up with regular scans. –Rithwik Jayasimha
I use a password manager (LastPass) and have that manage my passwords. I literally don't know any passwords. Also, if the site or service allows it, I have LastPass automatically change the password periodically. Additionally, for my "most important" services and sites, I use two-factor authentication, often just as simple as putting in an additional pin that I receive per SMS. –Barry Luijbregts
Two factor authentication when possible and don't reuse passwords. –Xavier Morera
Shred all bills and mail that has even a shred of personal information that could be used by someone trying to impersonate me to gain access to my accounts. –Dan Appleman
Just switched to 1Password tonight. I've been meaning to do so for a while now, but finally took some time where I wanted to feel productive without having to do a lot of mental heavy lifting and got it done. On the Mac, it couldn't possibly be easier. It'll take a few days to let iOS integration percolate before I can judge how well it holds up there, but the Safari extension on iOS seems pretty promising. –Casey Ayers