LinkedIn, eHarmony and Last.fm. Within the last week, these three companies reported password leaks affecting millions of users — about 6 million from LinkedIn, 1.5 million from eHarmony and an unspecified number from Last.fm. Even the savviest of tech companies can fail their users.
We all know best practices with passwords: make them unique to each site, the longer the better, mix in special characters, avoid pet names, etc. But let's face it, they're incredibly difficult to remember, and fields become cumbersome to fill out.
But with a little help from software, we find secure password-management solutions to keep your accounts safe — a digital safe for a digital age, so to speak.
1Password: Comprehensive password manager with one-time fee
We last covered 1Password in a cybersecurity-themed column, but it makes our list again because this popular software (named winner of Macworld's Editor's Choice Award and Ars Technica's Design Award) is incredibly well regarded in the tech community.
Slick browser integration means the application can automatically generate strong passwords, save them and fill in fields without leaving Safari, Firefox or Chrome. The software takes care of the heavy lifting, and all you have to do is remember one (hopefully very secure) password that holds the key to your accounts.
The PC and Mac desktop apps ($49.99) have great smartphone counterparts (free for Android, $14.99 for iOS) that can automatically sync via Dropbox. There's even a (slightly clumsier) manual Wi-Fi sync option, in case you'd rather keep your passwords off the cloud. 1Password is a bit pricey, but rest assured it's worth every penny.
LastPass: $1/month subscription service chock full of features
Another popular and trusted password-management application, LastPass functions similarly to 1Password, except for one major difference: Your passwords are stored on its servers. Some consumers worry that storing a password on an outside server opens up another avenue for hackers to steal their data.
But LastPass, named one of PC World's 100 Best Products in 2009, reassures users that their data is encrypted and decrypted locally, and the Web-facing product is secured with 256-bit AES encryption. AES is an encryption standard used by the U.S. government and throughout the world to secure data. Generally speaking, the higher the number, the longer the key and the harder it is to crack.
LastPass's syncing capabilities bring one unique and handy feature not found in other comparable applications: password sharing. Even if articles like this one warn you from sharing passwords, chances are you will (e.g. Mom wants to borrow your Netflix account, a colleague needs access to a group account, etc.). With LastPass, you can give passwords away, or share them without divulging their contents.
The other big consideration with LastPass is its pricing structure. The free subscription service includes its major features (automatic form filling, synchronized across browsers, password sharing and more) but comes with ads and lacks mobile access. The premium subscription includes the whole enchilada and costs a cool $1 per month. LastPass is available for PC, Mac and Linux computers as well as iOS, Android, Blackberry, Windows, webOS and more.
KeePass: Free, open-source alternative you can tweak to your needs