There’s nothing like starting a Saturday morning with a panic attack. After dragging myself out of bed, I logged into Gmail to receive a glaring red alert that my account had recently been accessed by a computer program or app hosted by AWS in California. While there are a few other people who have access to my Google account (and whom I trust), this was notably a computer program or app that had the password to my Gmail account and had successfully logged in. No harm was done — no one thinks I am kidnapped in Africa or in need of $1 million to get “home” safely — but it was a wakeup call that I am too careless with my passwords.
Yes, I am one of those people who uses only about three different passwords, despite having LastPass on all the computers I use throughout the day. Part of my job is to test out different apps, and I know not all of them are well-intentioned. I’ve been doing this for months now, and have been using the same password throughout; often, this has been the same or similar to my Gmail password. That was incredibly dumb on my part, because some time in the last few days I tested another app, which was obviously scammy, and someone there tried that password on the Gmail account I used to register. And it worked. Though my Gmail account was compromised, no damage was done. And, yes, my password has been changed — and so have many others.
This all could have been easily avoided (and you can avoid it, too) by using LastPass to create a secure and unique password for every single account for which you register. I know not everyone signs up for 3-6 new social networks or apps every day, but even should you just sign up for one new Web site a week, creating a unique password will prevent this style of hacking where an app tries a known password on another known account. With LastPass, you simply install the plugin on each computer and your passwords are encrypted and stored in the cloud, so they are accessible anywhere.
Your password vault is even available online, should you be on a relative’s or friend’s computer without access to the plugin. To create a unique and strong password for every new account, you simply need to use LastPass’s tools to generate a secure password. Just copy the secure password into the new app and then allow LastPass to save the site once you sign in. You will then have a new, secure password for each site, which will help prevent your most important accounts — like your email — from being compromised.