Special Program – Secure Your Digital Life – The Master Password
Don’t reuse passwords:
- The best security in the world is useless if a malicious person has your legitimate username and password. They can do everything you can do.
- Some people’s passwords are just simple to guess, like “password.”
- Others use plain words that can be guessed by a hacker’s program that tries every word in the dictionary.
- Using the same password for every site, a hacker only has to break it once or find it on another compromised website to have access to everything using that password.
Use robust passwords:
- A password needn’t be a word at all. It can be a combination of letters, numbers, and keyboard symbols.
- Use a password at least twelve characters long. Longer passwords are harder to guess or break.
- A password should not contain your username, real name, or company name.
- The use of upper and lower case letters, numbers, and keyboard symbols make the most robust passwords.
Avoid weak passwords; here are some examples.
- Using a common dictionary word as a password is a bad idea.
- Something easy to work out with a little background knowledge. For example, favorite football team, birthday, spouse’s name, etc.
- The most common password is ‘password’ so that’s an obvious one to avoid.
- Look after your passwords.
Never disclose your passwords to anyone else.
- Don’t enter your password when others can see what you are typing.
- A compromised password should be changed as soon as possible.
- Don’t recycle passwords (e.g., password2, password3).
- Don’t send your password by email. No reputable firm will ask you to do this.
- If you think that someone else knows your password, change it immediately.
- Don’t write passwords down; use a Password Manager instead.
Choose A Password Manager: I suggest you start using a Password Manager to store login information for all of your online sites. Using a password manager is the most important thing you can do to enhance your security online. There are some good ones to choose from LastPass, Bitwarden, DashLane, 1Password, RoboForm, and Chrome Password Manager; these all are well vetted and safe to use.
- My preferred password manager, by far, is LastPass.
Creating One Strong Easy to Remember Password For use as a Master Password
However, to use a password manager, you still need one password to lock and unlock it. This password needs to be unique and follow all of the robust password rules. This one password should have no relation to your life, family, anniversaries, hobbies, or travels. In other words, not guessable by someone with knowledge of your life. At the same time, this master password needs to be easy to remember and type, especially on a phone keyboard.
Here is a simple online tool from LastPass to help you create a unique master password, it’s their Username Generator Tool. You could use it to make 8 or 10 character strings to use as a username. However, I’m suggesting using it to generate pronounceable pseudowords.
Open the Username Generator Tool:
- Set the Username Length to 5 or 6 characters.
- Choose “easy to say” and check both the Uppercase and Lowercase boxes.
- Now click the circling arrow symbol to generate a word. Repeat clicking the circle arrow till you find a pseudoword you can pronounce, make notes, of it.
Repeat this process until you have 3 or 4 nonsense words.
- Combine these non-words using numbers and symbols between them and add some numbers to the beginning or end.
The goal is to end up with a 20 to 30 character random master password that you’ll use to unlock LastPass or some other password manager.
Here’s how I create a master password using the LastPass Username Generator Tool.
First created three, six letter base words (TimphE, tergoN, OupERs, and a random number 574619).
Note: I toggled through many iterations in the username generator tool for each base word until a variety of letters appealed to me.
Then combined them with numbers and symbols to build a 20 character password, add some numbers to the beginning or end (Note: I changed some capitalization to make typing easier). My final master password is (Timphe4tergoN#OupErs%574619) to end up with a 27 character password. This random combination of letters, numbers, and symbols will be my Master Password for logging in to LastPass or whatever password manager you choose and nowhere else.
You can use this temporary scratchpad to create your password.
Be sure to copy your creation before leaving this page.
Online Research and Tips
- Naked Security’s video on How to Pick a Proper Password?
- How to Create a Strong Password (and Remember It) by How-To Geek
- How to Use a Password Manager Video by The Verge
- Google Chrome Has a Built-In Password Generator. Here’s how to use it! By Bleeping Computer
- Guide to using Chrome Password Manager
- Manage saved Passwords in Chrome – You can have Chrome remember your passwords for different sites.
LastPass Free Password Manager – Stop using the same password for all sites.
With a password manager, you can use long, complex, different passwords for each site and no longer need to worry about forgetting them.
You can stop storing passwords in the browser’s password manager. Browser password managers are not only non-portable across computers, but it is also a significant security risk.
The Last Password You’ll Have to Remember!
LastPass brings all of your usernames and passwords together in one secure place, allows you to auto-login to your favorite sites, makes shipping and billing forms a breeze to fill out, it helps you manage your digital life.
Create Your Account for free! – You can also subscribe to LastPass Premium single user $36 a year or Families plan with six premium licenses for easy password sharing $48.
Once you create your account, you will be asked to install the LastPass web browser extension.
Install the LastPass web browser extension
The browser extension is an extremely crucial part of the account recovery process, it is recommended that you install the LastPass web browser extension and log in at least once. The browser extension will create a Recovery One Time Password that can be used during the account recovery process if you ever forget your LastPass Master Password.
- Click Install LastPass when prompted. If you navigated away from this page, you could go to the LastPass Downloads page More ways to get LastPass installed.
- Proceed with the steps of downloading then installing the web browser extension for LastPass.
- Once the web browser extension is added, click the inactive (black square with three dots) LastPass icon that appears in your web browser toolbar.
- Enter your LastPass username and Master Password.
- Click Log In.
- An active LastPass icon (red square with three dots) will appear in your web browser toolbar, indicating a successful login.
That’s it! You can now click on any of the most used sites displayed beneath your active LastPass icon to begin adding your credentials or click. Remind me later. When prompted, select I’m Done if you are finished, or Let’s Go to open your LastPass Vault and take a tour.
LastPass Guides & Resources
- Download and Install LastPass – Your LastPass account will give you access to your data anytime, anywhere, when you log in to LastPass since your stored information is securely synced to our servers.
- Add a New Site – You can add a new username and password while logging in to a website, saving manually, or adding directly within your Vault. You can store an unlimited number of password entries in your LastPass Vault.
- Manage Your Vault – The LastPass Vault is where all of your passwords, Notes, and items are stored.
- LastPass Self-Service Training Signup Instructions
- Register Self-Service Course & Course Sign-in
LastPass Help Videos
- LastPass | Install Browser Extension and Login
- LastPass | How to Enable Password AutoFill on iOS 12
- LastPass – Master Password Recovery – SMS
- LastPass – Master Password Recovery – Fingerprint
- LastPass – Master Password Recovery – Face ID
- LastPass – New and Improved Experience
Articles Guides & Resources – Note: Ignore the Enterprise Users’ features.
- Set Up Your Account
- Settings & Preferences
- Account Recovery
- Account & Billing
- Account FAQs