Law Firm Security

Law Firm Security – How crucial is a Password Manager?

By November 8, 2018February 11th, 2021No Comments

When someone wants to hack a password, the first step will be a dictionary lookup attack, which means that multiple words from the dictionary are entered as the password. This will break into 25% of accounts and take seconds. That is why companies encourage you to create a complex password that has Numbers, Characters, Upper, and Lower Case, and Symbols.

The password “norman” has 320,000,000 different combinations and can take less than a second to hack.

The password “Aq60xMBN#$” has 60,510,648,114,517,017,120 combinations and would take 20 years to hack.

https://www.grc.com/haystack.htm

While implementing a complex password is a great first step, there is still a problem with someone stealing the password from a compromised website.

clip_image002

In 2013 hackers broke into Adobe’s website and stole my username, password, password hints and answers.

So even if I had a complex password like Aq60xMBN#$, hackers now have it and my email address and can attempt to hack all sorts of sites using that combination.

Therefore, you must have a different complex password for every website you use. That is impossible for a human to do unless you carry around a notebook with you at all times.

The solution is to have a password manager that generates different complex passwords for every site you use.

clip_image004

The picture above shows RoboForm which generates random complex passwords and stores them for every site. To open RoboForm, I have to know one password, referred to as my master password. Once I log in, RoboForm creates and saves all my passwords.

RoboForm is cross-platform, so it works in all my browsers on both my Mac and PC and on iPhone. It synchronizes data between all of these devices.

What happens if someone hacks my RoboForm Username and Password? They would have access to all my passwords. This is not a concern; this website might shed some reasons why: http://www.roboform.com/blog/RoboForm-Security-Measures

Has your password ever been compromised?

https://haveibeenpwned.com/

Go to the website listed above and put in your email address. It will tell you how many times your email address and password have been stolen.

Here are some good Password Managers:

RoboForm

LastPass

1Password

COMMON-MISTAKES-CTA-R2