2015-07-30

Think about how many times every day you use a password on a phone, computer, social media site, gaming network, or another online account. Passwords are a huge part of our daily lives. Technically, they serve as authentication to identify people as being who they claim to be. Correct authentication is supposed to prevent others from accessing or altering your personal data, so passwords should be kept very secure. Unfortunately, some people put themselves at risk of cyberbullying, identity theft, or other dangers by sharing or exposing their passwords. For instance, we’ve asked hundreds of groups of students if they know any of their friends’ passwords. The majority say ‘yes’ every single time!

I’d chosen to give my Facebook password to one of my “best friends.” She was friends with a girl who I’d been having some bullying problems with. One day my “friend” was at my enemy’s house and decided to get on my Facebook and delete all my pictures. Then they took a picture of this boy that I really liked and put it as my profile picture. They wrote all over my profile so all my friends saw it. It was really stupid, but it hurt me so badly.

~ 15 year-old girl from North Carolina

Maybe you would never share your passwords on purpose. However, you still might reveal them accidentally. A lot of people store and remember their passwords in ways that make it easy for others to find them. One person might leave her passwords on a sticky note next to her computer, or taped under her keyboard. Someone else might save them in a text file or Excel spreadsheet right on his computer’s desktop. Another person might even leave them in a small notebook that she carries around in her backpack or purse, or in the Notes app on her phone. It doesn’t take Sherlock Holmes to notice these sorts of things! And, not only are they easily discoverable, they are also easily lost or deleted.

Even if you’re careful about never putting your passwords in easy-to-find places, and even if you never share them with others, that doesn’t mean they’re completely safe. For example, some websites have security questions that let users retrieve forgotten passwords. If the user answers the questions correctly, he gets an email with a link to reset the password. Common password hint questions include “What is your pet’s name?” or “What is the first car you drove?” I know Justin’s pet’s names, and the first car he drove – and if I can get into his email account, I can consequently access a lot of his other information, too. And that might allow me to change passwords on his other online accounts— simply by having access to his email and knowing a few basic facts about him. Of course, I could also impersonate him, lock him out of his profiles, delete his carefully curated images and posts, or even do something criminal via his account. The possibilities are endless, and this can (and has) happened to many people.

Plus, some individuals tend to use the same password for multiple accounts— school and personal email, Facebook, Twitter, Instagram, Skype, eBay, PayPal, and more. That makes it easy to remember, but it also means that if someone finds out the password to a single account, he can then get into all the other ones, too. As such, it’s wise to have a different password for every site or account you use, and to keep track of all your passwords in a way that’s safe and secure, yet still convenient. We would therefore like to recommend some software solutions that will help you keep a tight leash on your private information. We’ve evaluated each of these password managers, and list out with the pros and cons below. Whichever method you use to keep track of your passwords, just make sure you figure out a solution that doesn’t leave you vulnerable to cyberbullying or other online risks.

LastPass

How convenient would it be to only have to remember one master password that allowed you to safely use all of your favorite apps and sites without having to also remember the unique account information for all of them? LastPass allows you to securely browse the web, and log into all your favorite sites by only having to remember one master password, and the best part is the automatic form fill feature. This allows you to input all your personal information one time, and then it will remember everything for any future use. According to the LastPass website, we should be using passwords that look like “KQo=3oyB>VXG^-6.” With that being said, it is unrealistic for any of us – especially teenagers – to create and use ones like that because of their complexity and difficulty to remember them. LastPass, though, will generate all of these tedious but very secure passwords for all your different accounts, remember them, and populate the appropriate form fields with them at your online account sites. It can also import and use the login and password information you’ve already saved in your web browser.

Furthermore, LastPass provides a great feature called a “secure note” which allows you to keep everything from your social security number to your bank account information to your health insurance details, all sorted out in sections, but allowing you access them in one spot. It even allows you to attach pictures and videos, which is a great way to ensure that your private photos stay private even if someone else obtains access to your phone. LastPass offers different methods of overall security; one of my favorites is a fingerprint feature for unlocking your phone (regardless of its model or version). Other methods of screen unlocking are swiping, patterns, pins, and passwords. It also provides full Web-based access to all of your login and password data (encrypted, of course). LastPass offers a free 14-day trial, and then you have the option to sign up for a $1.00 monthly charge for unlimited premium access. The bottom line is that you can create an account with one password, and LastPass will do the rest. You can access your account on your mobile device, laptop, and desktop computers, as supported platforms include iPhone, Android, Linux, Windows, and Blackberry.

Dashlane

Dashlane is a product which also has the master password, auto form-fill, and digital wallet features like LastPass, but comes with a few notable features. First, it allows you to set an emergency contact who can have access to limited information of your choosing in case of some sort of emergency or death. It also allows you to record all of your online purchases by saving your receipts and any relevant screenshots you might want to include. In addition, Dashlane offers an automated password changer. We all know we are supposed to change our passwords regularly, but very few actually prioritize this task (don’t feel condemned, we understand! J). With the simple press of a button, Dashlane will recognize all your weak passwords and suggest a change. You then have the option to change one or multiple passwords at once. And again, the best part is that they can be convoluted and abstruse, but you don’t have to remember them as that is what the software does for you. Like LastPass, it creates and stores an encrypted backup of all of your login data in the cloud, and allows you to login and see it from any browser.

To increase the security of your account, you can also use two-factor authentication via Google Authenticator. Basically, this adds a layer of protection by validating devices that you seek to login with, and sends you a code via text to your verified smartphone – which you’ll need before you want to access Dashlane on any device. You might think this precautionary measure is overkill – but it is worth the extra ten seconds to receive and type in a code so that just knowing the master password won’t be enough.

Dashlane intuitively walks you through the app on your Android or Apple device, making it very user-friendly. You have unlimited, basic free access to this application and a 30 day premium trial. Dashlane is on the expensive side, but our priority is maximum security. For $39.99 a year for premium membership, you can feel safe when you access your bank account, when you go online shopping, and with their auto-login feature you will save a lot of time! The software even allows you to set an emergency contact, in case of any critical matter. This emergency contact then would have access to limited information of your choosing, should you die or be otherwise incapacitated. Another cool thing is that you can tie multiple pieces of the same type of personal information to one identity. For instance, you might want to have two phone numbers or two email addresses to one – it allows you to do that. Finally, Dashlane lets you keep a history of all your purchases by allowing you to screenshot online transactions and receipts. Dashlane currently supports PC, Mac, Android, and iOS devices.

SplashID

The SplashID password manager is very elegant and user-friendly, and like the others stores your passwords, credit card information, and anything else you can think of inside of “Business” and “Personal” Categories. As silly as it may sound, you can even store size information for clothes, shoes, etc. (right now, I actually have size information in my Notes app for my home’s air conditioning filters, my car’s air filter, the ring sizes of loved ones, and so much more – and could use this app instead!) A downside to this app is the lack of auto-fill. For example, if I created an account with my basic contact information on it (like my first name, last name, address, city, state, zip code), it would not pre-populate the same fields on another site asking for the same information. I’d have to enter all of my details again. Like the aforementioned managers, SplashID offers strong password generation, and all you have to do is remember your master password. You are also provided with one master password hint, in case you forget it.

After installing this product, you have free access to basic protection, or for 19.99 a year you can use their Pro features, which gives you priority customer service 24/7 and the feedback on the latest security threats. Unlike many of the other password managers, SplashID automatically syncs all your information to the Cloud (automatic secure storage accessible through many devices). This app also has a very cool feature that I did not notice while using other password managers: if you are idle for any specified amount of time from your phone, the app automatically logs out. While evaluating the other programs, I definitely became aware that if I did not manually log out, the app remained open and therefore my private information was at risk if I left my phone somewhere. This app is accessible on iOS and Android devices, Blackberry, Windows Phone, webOS, and Palm OS smartphones, and there are also desktop versions for Macs and PCs.

RoboForm

RoboForm is also a solid choice as a password managers as it can help you generate and remember very strong credentials for all of your sites. I personally don’t think that it is as user-friendly, elegant, and visually attractive as SplashID, for instance, but it has all of the necessary features to store your login information and related notes, and you are able to save different identities for different websites. For example, you may have one profile saved with your credit card information for all of the sites at which you make purchases, and another identity for all other sites that do not ask for credit card information. This allows you to provide or automatically input the appropriate information at the proper online destination – not too much, and not too little – by simply selecting an identity. RoboForm – like Dashlane – also allows you to tie multiple pieces of the same type of contact information to a single identity if you wanted to do so (e.g., three street addresses to one profile).

One downside is that there hasn’t been a major feature update in a while, and so it seems the software hasn’t stayed up-to-date with the various changes in web development. For example, it doesn’t properly fill every single pop-up window or JavaScript window that might prompt you for login information. Accepted platforms for RoboForm are Windows, Apple, Android, and Linux – and it syncs across all of your devices. You can use RoboForm for a 30 day free trial and then you have the option to continue your membership for $9.95 for the first year. Cool tip: RoboForm offers free unlimited use for college students and professors!

Norton Identity Safe

Norton products are well-known and respected for their antivirus protection capabilities, and now has this new feature which you can download on your computers and phones for free, and use to securely store all your important personal information in one app. It also warns you of malicious sites that might compromise your identity and seeks to alert you if there are any rogue scripts or elements in place so that you don’t fall prey to “phishing” schemes (where the site seems legitimate but is actually fraudulent). This software is very user-friendly and simple to install and set up. You can import passwords stored in your browsers (but not from other password management applications you may have used in the past). Then, when you input your information in a new site, it does what all of the others do – saves it and subsequently fills in that information when you revisit that site in the future. Norton Identity Safe, like the others, offers syncing to the Cloud, but the software itself does not have a password generator to help you create stronger passwords. In addition, it performed less optimally than Dashlane or LastPass in storing all passwords I typed in, and populating all of the form fields at various sites. This program is available for Windows, Mac, Android, and iOS.

Password Genie

Password Genie provides you with all the basic essentials; auto-filling for forms, browser import, you can have access to your account in up to 5 devices with unlimited users, and if you can’t find a category to save your most important documents, you can add your own. Like all the other apps, you have to create a master password, and as you are creating it Password Genie will let you know how secure your password is and advise you to make it stronger if necessary. It also recognizes whenever you input updated information at various sites, and consequently updates its own database. It also deserves comment that this product does a better job than others on unusual login situations (for instance, my bank has a two-page SiteKey system which it could handle).

Another useful feature if you ever get into a pinch is that Password Genie offers live chat help, and remote viewing and access for the desktop version. The remote viewing and access allows the support agent to access your computer as if they were in front of it themselves to investigate any problem the program might have. The software does not, however, import passwords and content from other management programs (although it does allow you to do so from browsers when you install it). Plus, you can store various kinds of personal information in it – but it does not then take that information and use it to populate form fields on various sites. Rather, it only acts like a glorified vault (and for that purpose, I’d rather just use my Notes app on my phone). Password Genie is now available on Android, Mac, and Window devices. Basic free access is available, and it provides an option to upgrade to a premium version for $11.99 a year.

So – what should you use? Here are my recommendations, in order of preference: LastPass, Dashlane, Roboform, SplashID, Norton Identity Safe, and Password Genie. The top two are the best, in my opinion, because they do everything you’d want them to do and their software versions keeps getting better in meaningful ways (such as adding fingerprint authentication!). LastPass is comprehensive and outstanding in its feature-set and perfect for power-users who want customization and flexibility. Dashlane does pretty much everything LastPass does, but is a bit more attractive and user-friendly (at the cost of flexibility). You should pick one of those.

A final caveat: In addition to using a password manager, don’t forget to change your password regularly. No matter how unusual and hard to guess, it could be compromised without you even knowing it. Sometimes hackers access passwords by finding security holes in databases for popular websites and online stores. Once a cyberbully or hacker has gotten to your password, he might also be able to find your name, email address, and other personal information which could then be used to steal your identity. Sometimes the companies or websites themselves don’t even know that the information has been stolen until weeks or months later. So it’s best to change your password at least once a year. Pick a time of year that will remind you to make the switch. Get in the habit of changing your passwords at the start of each school year, on your birthday, or on some other memorable date. Just make sure you don’t let passwords get stale! As they say, forewarned is forearmed – and using a software-based manager will definitely reduce your vulnerability to victimization, and all of the stress, headaches, and heartache that goes with it. And encourage your students to do so when you see them at the beginning of this school year. It might take a few minutes to set up (like anything worth doing!), and you won’t regret doing it but will regret not heeding this advice.

Image Source: http://www.ecloudtimes.com/wp-content/uploads/2015/01/password-manager-windows-top.png

The post Password Management Software for Teens appeared first on Cyberbullying Research Center.

Show more