Friday, May 16, 2014

App of the Week - LastPass

It seems like every week there's a new "threat" we have to worry about. The latest Heartbleed and Internet Explorer vulnerabilities are just 2 of the latest examples requiring us to be vigilant with our passwords. "Change your password" they tell us, but that's easier said than done. Mozilla did a study of volunteers that saved passwords in Firefox some time ago. From the volunteers, more than 30% used less than 3 different passwords. People are still using common passwords like 123456 and password. But even more complicated passwords involving substitutions such as "dr4mat1c" and phrases like "Iloveyou" are getting easier for hackers to crack as computers get faster and the software they use more sophisticated. According to InstantCheckMate, an expert hacker can crack the average password in under 3 minutes. So what's to be done?

Safest Passwords

The safest passwords to use are those that are completely random, use combinations of numbers, letters and special characters and are 8 characters or more. "d2#-.6hGr,!oP2" would be a good example. Next, you need to use a different one for each website. Plus, you shouldn't write them down, put them in a spreadsheet or word document (even if they are mixed with bogus ones or translated in some way), and definitely don't write them on the front of your laptop with a sharpie like a friend of mine! This is where you need help in the form of a Password Manager.

Password Manager

A password manager is a small app or program which helps you remember all your passwords, and more importantly, which password goes with which site. There are many different password managers and since you're trusting it with your most sensitive information, it's important to pick a trustworthy one.

One that we used to recommend is RoboForms which has been around for years, but technology changes so rapidly we have changed our recommendation now to LastPass.


TechnoRV loves LastPass. Here's why:

  • It is secure, used by millions of people, and is FREE!
  • It will automatically generate a REALLY complicated password for you
  • It will remember which website a particular password belongs to. When you next visit that site it will fill in both the username and password for you
  • It will "learn" your passwords as you visit your websites and enter your information
  • You can store all your important information such as safe combinations, medical and financial information as encrypted "Secure Notes"
  • You Can enter your credit card information, shipping and billing addresses and save them as a profile which it will then automatically fill in the correct fields for you when you're internet shopping.
  • There's a paid version which runs on your Smartphone and gives you access to your LastPass vault
  • You can access your LastPass vault from any computer connected to the internet

When you use LastPass, you only have to enter your master password once to "unlock" your digital safe. Just make sure your master password is a good one. Phrases of random words with substitutions is a good idea, for example Beer*W1ne-Cider!.

Is LastPass Safe?

First of all, nothing in life is guaranteed, except death and taxes. Having said that, I'm comfortable with their level of security (a hacker is welcome to my overdraft!). It's up to you what level of security you deem acceptable.

Here's some of its security features:

  • AES 256-bit encryption with routinely-increased PBKDF2 iterations (techno-speak for pretty awesome)
  • All sensitive data is encrypted and decrypted locally before syncing with LastPass which means that if someone hacks the LastPass servers, they will only be able to see your heavily encrypted (scrambled) data.
Just a couple of safety tips. In LastPass settings, be sure to tell it to log you out when your browser closes and after a set period of inactivity. You can also disable logins to your account from everywhere except the United States.

How To I get LastPass

Simply visit and sign up. You'll then download a file which will load a plug-in into your browser (we recommend using Google Chrome). You'll then have to sign-in with your LastPass username and password and start browsing.


We use LastPass all the time and think it's great. Both Tracey and I share the same LastPass account so we can always get to each other's information. This is important because if something happened to me I want Tracey to be able to access all our financial sites. More importantly, it's dynamic, so when we have to change passwords, LastPass always has the latest version. I can truly say it has made at least one aspect of our life a lot easier.