First Click: An easy way to quit reusing passwords

June 8th, 2016


I’m just like Mark Zuckerberg. Okay, I’m not fabulously wealthy, nor do I meet regularly with heads of state. I’m also not building a Jarvis-like AI for my home. Instead, I have a nasty habit of reusing passwords, just like Zuck… and most of the internet.

Zuckerberg’s password of choice was "dadada" according to reports. Mine’s at least mixed case, with numbers and letters chosen from all over the keyboard. My fault is in reusing the same password, or passwords, really, over and over and over again. Something I just corrected with the help of software I use every day.

I installed AgileBits’ 1Password password manager on my Mac, PC, iPhone, and Nexus 5 about 18 months ago. Mainly I’ve used it to generate and manage unique and impossible-to-remember passwords for new sites I visit, not for the old sites where I’m already registered. Fortunately, I’ve been diligently hitting the "accept" button each time 1Password offered to store my credentials for every old site I log in to. Eventually 1Password created a complete portfolio of all my IDs and passwords, both new and old, and synced them securely across my devices. As of today that's more than 300 items, hundreds of which are logins I've accumulated during a life lived online.

Reading about Zuck’s predicament this week reminded me of my own vulnerability. Odds were good that if left unchecked, I’d eventually succumb to a similar hack (or worse) considering all the high-profile password dumps from sites like LinkedIn and MySpace. Fortunately, I just discovered the Security Audit feature of 1Password.

Not only is 1Password a terrific password manager, it’s also a surprisingly useful tool for sussing out vulnerabilities. The desktop app will tell you which passwords are weak (broken down by "terrible" or just plain "weak"), which are duplicates (I had dozens, I’m ashamed to say), and which passwords have remained unchanged for months or years. It took a few hours, but I’m happy to say that I’m duplicitous no more.

And while I was at it, I also culled some accounts I no longer use (sorry Tumblr, Hulu, and Jawbone), and enabled two-factor authentication on a few sites that recently began offering 2FA protection.

Am I 100 percent secure? Nope. But with a password manager like 1Password (or LastPass) helping me manage hundreds of strong and unique passwords, I’m certainly better off than Zuckerberg, except for all the money and stuff.

Five stories to start your day

  1. Google made an iPhone app that turns Live Photos into amazing GIFs

    My entire picture library is inside Google Photos, which for a long time made Apple's Live Photos feature on my iPhone 6S Plus rather useless. Google didn't support the format until March, so if I...

  2. Five reasons you'll want Lightning headphones for your iPhone 7

    Lightning can be scary. Just look at the hordes of people that howled in terror at the idea of Apple replacing the traditional headphone jack on the next iPhone and using wireless and...

  3. Exclusive: Why Tony Fadell left Nest — and Alphabet

    Last Friday’s news that Nest CEO Tony Fadell would be leaving the company he founded with Matt Rogers and stepping into an "advisory" role seemed like the culmination of months of stories about...

  4. Duncan Jones went through personal hell while making Warcraft — and survived

    One of the first things you notice about Duncan Jones is that he loves to laugh. Sometimes it’s a self-deprecating chuckle, others a full-throated guffaw. While I’m waiting to sit down with the...

  5. Why is everyone on Game of Thrones acting so casual about Jon Snow?

    If you haven't caught up with the current season of Game of Thrones please go away. [SPOILERS for Game of Thrones and A Song of Ice and Fire below] The resurrection of Jon Snow, one of the most...

Lock of the day