1 00:00:00,590 --> 00:00:04,520 In the last video, we explored the importance of password strength. 2 00:00:04,520 --> 00:00:08,140 They should be unique, sufficiently complex, and the longer the better, 3 00:00:08,140 --> 00:00:12,400 but doing this for every site and service can lead to password fatigue. 4 00:00:13,530 --> 00:00:17,230 Many people just don't think it's worth the inconvenience of coming up with long, 5 00:00:17,230 --> 00:00:19,710 unique passwords for everything they do. 6 00:00:19,710 --> 00:00:23,420 And it inevitably leads to the breaches we discussed in our very first video. 7 00:00:23,420 --> 00:00:28,260 And one of the biggest risks you can take is to reuse a password for 8 00:00:28,260 --> 00:00:29,050 more than one site. 9 00:00:30,550 --> 00:00:33,220 Imagine that you've created a really strong password. 10 00:00:33,220 --> 00:00:36,790 You think it's nearly unbreakable, so you use it for social media, 11 00:00:36,790 --> 00:00:39,350 for your email, and for your bank. 12 00:00:39,350 --> 00:00:40,360 If, for example, 13 00:00:40,360 --> 00:00:45,590 the social media account is breached, that password is effectively out in the open. 14 00:00:45,590 --> 00:00:50,070 Many attackers can then try what's called credential stuffing, using an automated 15 00:00:50,070 --> 00:00:53,980 tool to attempt the username and password breached from one site, on another. 16 00:00:55,040 --> 00:00:58,440 Now those attackers can access your bank and email, so 17 00:00:58,440 --> 00:01:01,500 password uniqueness is just as important as password strength. 18 00:01:02,730 --> 00:01:05,890 Now that we've sufficiently explored the importance of password strength and 19 00:01:05,890 --> 00:01:10,020 security, I'll introduce one of the best tools available to help you stay on top 20 00:01:10,020 --> 00:01:11,190 of your passwords. 21 00:01:11,190 --> 00:01:11,990 Password managers. 
22 00:01:11,990 --> 00:01:16,190 There are several options available, and I'll demonstrate one of the most popular, 23 00:01:16,190 --> 00:01:20,470 but do make sure to find the solution that works best for you and your needs. 24 00:01:20,470 --> 00:01:22,470 Let's take a look at what LastPass can offer. 25 00:01:22,470 --> 00:01:26,980 The whole premise of password managers is that you no longer have to generate and 26 00:01:26,980 --> 00:01:29,440 remember all the passwords in your life. 27 00:01:29,440 --> 00:01:33,060 As the name suggests, LastPass just needs that final 28 00:01:33,060 --> 00:01:36,660 master password to access the other passwords you've stored. 29 00:01:36,660 --> 00:01:39,756 So let's log in with that one password you'll have to remember. 30 00:01:49,051 --> 00:01:51,691 Now that we're logged into our password manager service, 31 00:01:51,691 --> 00:01:54,116 we can go to any site that would require a password, and 32 00:01:54,116 --> 00:01:56,995 the manager will recognize that it has credentials available. 33 00:02:03,593 --> 00:02:06,534 I just fill in the fields like this, and I'm in. 34 00:02:10,616 --> 00:02:14,819 Another super helpful feature that most password managers offer is strong password 35 00:02:14,819 --> 00:02:15,536 generation. 36 00:02:19,284 --> 00:02:22,309 I can choose the password length, up to 100 characters long, 37 00:02:22,309 --> 00:02:26,001 as well as set some character restrictions to match the site's requirements. 38 00:02:34,632 --> 00:02:37,639 I can then store this super strong password with the manager and 39 00:02:37,639 --> 00:02:39,350 never have to think about it again. 40 00:02:42,137 --> 00:02:46,592 Password managers are great tools because they address the convenience security 41 00:02:46,592 --> 00:02:48,550 tradeoff directly. 
42 00:02:48,550 --> 00:02:51,380 They reduce the inconvenience and frustration that can 43 00:02:51,380 --> 00:02:55,695 come from password fatigue and they up your security in the process. 44 00:02:55,695 --> 00:03:00,190 They're likely better at generating strong passwords than any human would be. 45 00:03:01,410 --> 00:03:04,480 Now, with a strong unique password for each site, 46 00:03:04,480 --> 00:03:08,790 we're safe from credential stuffing attacks if a service ever has a breach, 47 00:03:08,790 --> 00:03:11,890 but that doesn't help for the hacked site itself. 48 00:03:11,890 --> 00:03:14,520 Another type of tool exists to protect your data 49 00:03:14,520 --> 00:03:18,430 even if your password is out in the open, it's called two factor authentication. 50 00:03:19,460 --> 00:03:22,820 It's more of a feature that you can enable for sites that support it 51 00:03:22,820 --> 00:03:26,320 than it is a service you can purchase, but it is highly recommended. 52 00:03:27,410 --> 00:03:32,300 Two factor auth is an additional layer of security on top of your passwords. 53 00:03:32,300 --> 00:03:35,410 It is often a code that is sent to you as a text message or 54 00:03:35,410 --> 00:03:38,970 generated on a device you own like your smartphone. 55 00:03:38,970 --> 00:03:42,560 In fact you likely already use it in your life without realizing it. 56 00:03:42,560 --> 00:03:46,480 It's the reason you carry an ATM card and use a PIN. 57 00:03:46,480 --> 00:03:51,000 This is how two factor auth often is used for your online accounts. 58 00:03:51,000 --> 00:03:54,100 You log into a site with your username and password. 59 00:03:54,100 --> 00:03:57,510 The site then prompts you again to enter a code. 60 00:03:57,510 --> 00:04:02,330 That code is either texted to you or better yet you have set up a special app 61 00:04:02,330 --> 00:04:06,300 on your phone that generates these codes for you every ten or so seconds. 
62 00:04:07,500 --> 00:04:10,300 You enter that code and now you're logged in. 63 00:04:10,300 --> 00:04:12,530 It's a little extra effort up front, but 64 00:04:12,530 --> 00:04:17,210 two factor authentication is an incredibly effective security mechanism. 65 00:04:17,210 --> 00:04:20,840 Your data is safe even if your password was leaked or 66 00:04:20,840 --> 00:04:22,640 even if you were tricked by a phishing scam. 67 00:04:23,990 --> 00:04:27,900 I'd like to offer a few additional notes about password managers, 68 00:04:27,900 --> 00:04:30,310 email, and security questions. 69 00:04:30,310 --> 00:04:35,120 Password managers store your secrets, which make them prime targets for hackers. 70 00:04:35,120 --> 00:04:39,670 Make sure that you are comfortable with that level of trust, and you still need to 71 00:04:39,670 --> 00:04:43,680 be extra cautious with that final password used to log into the password manager. 72 00:04:45,110 --> 00:04:47,890 Another security concern to think about is 73 00:04:47,890 --> 00:04:51,450 that your email is often used as your personal identity. 74 00:04:51,450 --> 00:04:55,340 If you lose access to your email or it's compromised in some way, 75 00:04:55,340 --> 00:04:59,730 many sites offer password recovery or reset through your email. 76 00:04:59,730 --> 00:05:02,420 Your email account would be an ideal place 77 00:05:02,420 --> 00:05:05,930 to start enabling two factor authentication for this exact reason. 78 00:05:07,130 --> 00:05:11,460 As another mode of password reset and recovery, and even sometimes as a limited 79 00:05:11,460 --> 00:05:16,340 form of two factor authentication, sites will ask you security questions. 80 00:05:16,340 --> 00:05:19,290 They're meant to be questions that only you would know and 81 00:05:19,290 --> 00:05:21,830 would have the answers readily available, but 82 00:05:21,830 --> 00:05:24,891 would prevent strangers from attempting to take over your account. 
83 00:05:24,891 --> 00:05:29,275 This may have been effective in the past, but choosing the right questions and 84 00:05:29,275 --> 00:05:32,705 answers can often be harder than generating a strong password. 85 00:05:32,705 --> 00:05:35,735 And with questions like what is the name of the high school you went to, 86 00:05:35,735 --> 00:05:40,485 the answers can often be easily found on a person's social media profile. 87 00:05:40,485 --> 00:05:42,715 So be mindful of these questions. 88 00:05:42,715 --> 00:05:47,655 And when available, we should all be moving to more secure two factor options, 89 00:05:47,655 --> 00:05:49,635 like the code-generating apps on our smartphones.