Password Management

Today I am going to move a bit off of my normal topics of Exchange and Office 365. I don’t think this topic is going to be too far afield, but fair warning none the less. In this post I am going to talk about password management, and a nifty new tool that I think makes the somewhat cumbersome task a bit easier and more secure.

I have been a LastPass customer for quite a while. LastPass is a web based password management tool that has apps for Windows Phone, iPhone, and Android. It’s a very easy to use tool, and it is inexpensive and well worth it to upgrade to the paid version.

As a consultant, I end up with accounts on lots of different customers systems. This is not to mention the piles of my own accounts I need to manage these days. In my somewhat less than humble opinion, it is plain irresponsible to use the same password for more than one website/service these days. I feel like no matter what you do, you can almost guarantee that your username and password is going to be stolen from some website or service you use on a regular basis. If you use the same username and password everywhere, that means the bad guys are going to have access to a lot more than just the systems they can break into. For this reason I think it is imperative that we all use large complex and unique password words for every different website and service we use. LastPass, and several other similar password management tools, make that possible.

The downside to this password management strategy is that is it very time consuming to regularly change passwords on all your websites and services, as I would also recommend you do. Well LastPass has recently released a tool that makes this process much easier; Auto-Password Change.

As you can read on their blog post, Auto-Password Change lets you hand that task over to the LastPass plugin. I’ll walk you through the process of how Auto-Password Change works

First you need to install the LastPass plugin version 3.1.70 or higher. Then open your LastPass vault and edit an Entry for a website that is currently supported (I’ll be using Facebook here).

In the screenshot, you can see the “Auto Password Change” button, press it. At this point, you get a pop-up warning box explaining what is about to happen. Give LastPass the OK to change your password, and let it do its work.

After a couple of seconds, you’ll have a new password. That is really all there is to it. Of course this tool only works for a specific set of websites, but I expect LastPass will add to that list over time and eventually it will work for almost everything.

Everything I have read for security expert type people says that LastPass is very secure and trustworthy. I’d be interested in hearing if you have seen anything to the contrary.

Do you have a different tool you prefer? Let me know in the comments below.