Using strong passwords and keeping your online self secure

By Adam Zeis on 21 May 2014 12:28 pm EDT
9
loading...
25
loading...
34
loading...

Earlier today, eBay issued a press release letting users know that a cyberattack "compromised a database containing encrypted passwords and other non-financial data." Users will be asked to change their passwords just in case, though they noted that eBay "has seen no indication of increased fraudulent account activity." This is sadly just one of many attacks recently, and something that won't be going away anytime soon, if ever.

Attacks like this are nothing new, over the years plenty of big-name sites have become victim to similar cyberattacks. Retial chain Target has been all over the news lately, and there's also vulnerabilities like the recent Heartbleed Bug that affected Google, Facebook, Yahoo and dozens of other sites.

As we go further and further, putting more and more of our personal information and lives online, it's even more important to keep that data safe. Your personal life (and data) is strewn out across the web in more places than you really know, so keeping what you can private and safe is more important now than ever before. At Mobile Nations we've always been big on security and keeping yourself protected online, but what are you really doing to make that happen?

Hack me once, shame on me

I was never big on passwords. In fact, the two passwords I used for everything were ones that were given to me by my original ISP nearly 20 years ago. I memorized them at the time and since they were a random jumble of letters and numbers, didn't give much thought to using anything else for any site. These were my go-to passwords, one I used more than the other, but I never considered just how bad of a practice this was until the day I almost lost my Gmail account.

A few years back I woke up to a slew of password verification notes from Google, and I instantly dove into a panic. I scrambled to login to my account with no luck. After a few hours of work, I managed to reclaim my account. I noticed that all of my account info was changed by the hacker, and the sent spam messages that numbered in the hundreds. I then realized that if finding my password here was this easy, I was extremely lucky it wasn't taken to the number of other sites that all shared the same password.

It was then that I started using a password manager and spent the next few days making sure my passwords were different across all of the sites I frequented. I only had to remember my master password, which I made so long it took me over a week to memorize. Since then I've had no issues with hacking and I've been sleeping soundly know that my online life is (mostly) safe.

Two-factor Authentication

Recently I've even taken things a step further by enabling two-factor authentication (or two-factor verification) where available. I use this now across all of my Google accounts as well as other services like Facebook, Twitter and Dropbox. Two-factor authentication adds an extra layer of security to your accounts, requiring you to enter a code provided either in an app (like Google Authenticator) or as a text message. The ensures that only you can get into the account, even if someone has your password.

Password Managers

The best bet for keeping your passwords secure, while also keeping them organized, is a good password manager. There are a few options available depending on your platform, but all are great choices and offer values far beyond writing all of your passwords down in a "safe place".

Strong Passwords!

If you're not up to using two-factor authentication or a password manager — at least use a strong password. Mix up numbers, lowercase letters, capital letters and special characters. The longer the better. And never use the same password twice. If a hacker does track down your password, the last thing you want is for them to have access to all of your accounts, just because you used the same password across the board. Stay clear of using passwords like your kids name, birthday, anniversary, "1234567", or the ever popular, "password". Apps like LastPass even offer a secure password generator so you don't have to do any thinking on the matter.

Are you using a password manager to cover your bases? What are some of your favorite tips for staying secure? Hit up the comments and let us know!

94 comments

just_luc

I love lastpass. I use it for everything.

Posted via CB10

Dave79

+1 but still dont trust random generated password, I set it to 19 characters but I manually change at least 5 or 6 every time.

Devil

Boom!

Posted via CB10

sedalia066

All your suggestions except for two-factor authentication are employed by me. BB Password Keeper works just fine to keep track of long and complex passwords all of which are different. And all of which are changed at intervals depending on the importance of the function.

sin-co

Agree, Password Keeper on BB is absolutely amazing...keeps everything in alphabetical order and creates a unique passwords :)

imcurved

+1.
You can generate random password with Password Keeper. It's Settings allows you to change password length.
You don't have to remember these passwords either. Use copy Password feature to copy and paste to BlackBerry browser and you're good to go.

 CB10 

Michael J Duffy

I was surprised to see that it wasn't a default app on my phone.

Posted via CB10

Abrante

I use Keeper since it allows me to use the service online and on my phone. I often just update or add password info on my computer and it automatically wirelessly syncs to my phone.

coffee-turtle

It used to be on BBOS devices, but not BB10. Didn't understand why wither.

sin-co

It's on BB10, download it from BB World

coffee-turtle

Thank sin-co. This I know. I was replying to the post that wondered why Password Keeper wasn't a *default* app. It comes installed with BBOS, but not BB10. But like you said, it can be acquired after the fact.

I like my coffee BlackBerry Black! What?

coffee-turtle

Why wasn't it mentioned in your article, Adam? Just wondering (or did I miss it)?

Graham Carruthers

Wondering the same thing!

Posted via CB10 using my Z10STL100-2/10.2.1.2141

LuayS

I wish it integrated with apps/browser and also allowed import from lastpass/keepass.

Posted via CB10

Bilaal

Glad to see you using LastPass, Adam! It's great, shame they don't have a BlackBerry 10 app though

Adam Zeis

They do (kind of). Their ported Android app works great https://appworld.blackberry.com/webstore/content/67272

Bilaal

Ah, silly me, I missed that! I just downloaded the latest version from Snap instead, it works fine.

Posted via CB10

jmb12177

I just do it the best way, don't leave anything on the net to be found.

Posted from a Nintendo Entertainment System

cjmartin

Highly recommend Enpass. They are the only Password Keeper (other than BlackBerry) to have a BB10 app - and a good one at that.

Also they have every other platform support. Desktop support. Dropbox & Box support (nice as a Box user - go PlayBook 50gb deal!).

And you can even import your existing BlackBerry Password Keeper entries. Great product!

Posted via CB10

SeekerBerry

Currently strongly considering Enpass for my passwords...

Posted via CB10

cvdburgh

Well, Keepass has a BB10 app too!

rhitdoph

AFAIK, it's not native BlackBerry code. It's extremely slow in response and ugly. Both of them: KPD (Keepass) and KeepassB.

wolf_clan

I gave Enpass a quick look and didn't see any mention of Box support. I saw restore options through OneDrive & Dropbox though. What do you mean when you say "Box support"? I primarily use Box and so would be interested in this

BB10user14

Enpass syncs with Box, Dropbox and Onedrive. You can download the app to your PC also and your passwords will automatically stay in sync across your devices and PC using one of the three mentioned above. Great app.

Posted via CB10

wolf_clan

Just downloaded Enpass and see the Box integration - awesome! When I first downloaded Enpass onto my computer it was there that I saw no mention of Box.....hence the confusion.

allwi

Not sure when you first downloaded Enpass ... but Box support was added only lately :)

Foppa_21

+1 for Enpass. Great App. Native BB10.

Sallem

I second that Enpass is the best and easiest too.

uktivo

+1 for enpass. Also has mac program to allow sync to my mac book. Excellent program and strange it wasn't listed in the write up. Instead we see lots of android / iOS apps.

Dave XII

Keepass...

Posted via CB10

schmeat

I like keeping it simple, so all my passwords are hunter2!

Posted via CB10

sinkingphoenix

I wonder if anyone gets that :)

Posted via CB10

martinjdub

Two factor or die

Posted via CB10 & my killer BlackBerry Z30

1roguecanuck

A new app that is in a beta (not BlackBerry beta) and just received crowd funding is Symple ID. I have been using it and it is fantastic for the two factor authentication. Even has the ability to change your password every time you log in for some websites (Facebook).

Keep an eye out for it, I've quickly become a fan of this. I use it in combination with Enpass and feel as safe with my passwords as one can in this digital age.

Posted via CB10

dallagi

Please don't forget keepass.. it's open source and it's available on win, mac, linux, android, ios, wp and bb10 (and it's native!)

Posted via CB10

rhitdoph

They are all Android ports. Sluggish and ugly.

dallagi

http://appworld.blackberry.com/webstore/content/27406106 this one is native, free and most of all it's open source (which is important for a software that deals with my own passwords)

Posted via CB10

dallagi

It appears the link I posted doesn't work.. btw it was about the app 'keepass for blackberry '. Give it a try, it's smooth and it's arguably the most secure one ;)

Posted via CB10

canuck_67

Password keeper rules. One password to rile them all

Posted via CB10

rhitdoph

That's my typo of the day! :) Thanks for the healthy morning laughter!

ealvnv

If you don't have a premium last pass account, use the bookmarklet in the BB10 browser it works great, $1 a month for premium is not too much anyways for the pro service

WPMan_Canada

I have been looking for a cloud based password manager but having a hard time trusting something as much as BlackBerry one. What if your password manager provider is compromised. Ouch.
You can use great encryption but implement it poorly that makes it vulnerable.

Posted with my Z10

bbelux1

I've backed Symple ID this is a nice answer to passwords.

Posted via CB10

arfin

+1 can't wait to get my NFC tags and test it out!

1roguecanuck

great to see others are as excited about it as I am!

Posted via CB10

AWB70

Lastpass is a 14 day trial. Problem I have with cloud based pass managers is if some one gets the password for that they have all your passwords. Probably better keeping it local or the native blackberry one built in. Obviously have a strong password on your device.

Posted via CB10

Alicia Erlich

I use BlackBerry Password Keeper and choose a password (for now) that is 8-10 characters long.

jope28

I wonder why that app wasn't emphasized in the post.
Works great.

Q10SQN100-1/10.2.1.3175 CB10'n

3_M4N

Same here. And while the cloud services do offer some convenience, they run the risk (albeit minimal) of being compromised and leaking all your passwords. I like Password Keeper because all of my info stays on the phone. Someone would have to get their hands on my phone and figure out the password before any damage could be done.

Posted while peeking and flowing on my incredible BBQ10! 

Antonio Bruno1

I am also a Password Keeper satisfied frequent user.
Keep my credit cards passwords, websites, etc.
Great program!!

Z10 aficionado since March 2013

Graham Carruthers

I also use it and don't see the need for anything else!

Is there something that I'm missing?

Posted via CB10 using my Z10STL100-2/10.2.1.2141

AWB70

Just noticed as well that the Keepass free version although it works is no longer supported by the developer.

Posted via CB10

cvdburgh

I didn't know that! Well, let's hope that it will keep running for a looong time, because I use it all the time...

Dave XII

it means that there will be no developments anymore on this specific built but the app won't disappear.

Posted via CB10

cvdburgh

Yeah, I get that, but you never know if the app will keep working on newer OS builds. Maybe it will on 10.3 but not on 10.6 or 11.0 or wherever we stand in a year or two. But for now, it works and I have it on my two desktop pc's, my laptop and my Z30. And on my iPad, although there it doesn't work as smoothly.

Posted via CB10

Graheem

The main source for KeePass is fully support. There are several apps, free and paid in BB World, as well as APKs. It's my favorite. I did settle on KeePassB ($1.99) and it is great. Serves my needs very well, full cross platform compatibility (I use it on desktops, tablets, and my Z10). So glad I found this, so much better than Password Keeper (as probably any of the ones in this article are).

diegonei

Strong, 15-18 characters long password for me. Not too keen on 2 step verifications as I had a lot of issues with them once. As for Password Managers... Say what happens to eBay happens to LastPass. What then? Hmm?

Prem WatsApp

And a prime target for GCHQ, NSA and other three/four-letter gov't organizations.

I believe that's just like the cream pie for them.

"No Q10?" -> "Buy from Chen... "

jrsc109

Lastpass for me...

Posted via CB10

DJ Reyes

I'm a huge fan of LastPass, been using it for years. I also adopted two-step verification on accounts that do offer that.

I backed Symple ID, want to see how that goes.

Posted via CB10

Bash_Man

Highly recommend Enpass as well. Works like a charm.

TioPepe78

Adam why didn't you mention Password Keeper?

crazylegshinch

Probably because this article was posted across all the Mobile Nations sites so it was meant to be more or less OS agnostic and be general advise for anyone.

peter0328

Password Keeper!

Posted via CB10

CMcRob

I use Enpass, and couldn't be happier. It backs up changes automatically on my computer, and this is a huge bonus to me!

Posted via CB10

Quattro2

Sites that allow pass phrases instead of restrictive passwords are the way to go... allowing you to string together a very long phrase or sentence that is much easier to remember than odd combinations of letters, numbers, and special characters, and the long phrase provides even higher security because math.

Posted from my awesome Z30 :-D

Rootbrian

Considering keepass or BlackBerry password keeper. I need to stop keeping passes in remember/memopad! Lol

Posted via CrackBerry 10 (CB10) application using my BlackBerry Q10.

ofutur

Password protection is very important if one is serious about security... Let's see how BlackBerry is doing with its most secure mobile OS which protects data and identity...

2 factor auth for BlackBerry ID? Nope
Password manager in the browser? Nope
Password manager in the OS which can fill passwords in apps or the browser? Nope

Oh, maybe all mobile vendors suck then, let's see...
Google accounts support 2 factor auth
Lastpass has a plugin for Mobile Firefox
Lastpass can fill passwords in Android apps and the Chrome browser
Lastpass has a flexible strong password generator which can also be used on BlackBerry 10, thank goodness for the Android VM

sparkaction

The apps and online services can help to generate and input passwords but can any of them help to automatically change your online password? Say to your eBay or Gmail account?

snpd

Enpass forever here, amazing app. And Authomator for 2FA.

Posted via CB10

GSM-S

Why isn't BlackBerry's Password Keeper app not listed in the app mangers?

Posted via CB10

lady of the lake

Enpass is my choice. Easy to organize and preset forms.

My bitchin' Z30 BlackBerry

Kevmobile

???! BlackBerry Password Keeper is not in the article list! It's a terrific app!

Most likely posted via CB10 from my amazing Z30, but may have been posted from my awesome PlayBook.

HighFlight88

BlackBerry Password Keeper from BlackBerry World is my preference. It's easy to use and has every feature I've needed. I'm surprised it wasn't mentioned in the article, as I'd much rather have a native app looking after the keys to my house than an Android or ported-Android app.

Keeper also looks quite well made, though I don't have any personal experience with it.

Via CB10 on  Q10

kalonjie

Try maskme on the pc for strong password and to save your password

Posted via CB10

kalonjie

And it's great for masking it email address and generating email for sites that want you to sign up

Posted via CB10

huungryshark

I use masked emails with Do NOT track me extension for Opera Browser. They also have masked phone and credit card nunbers

Posted via CB10

akraus88

I use lastpass, and pay the Android fee, they think I'm an Android OS ;-)

Posted via CB10

huungryshark

I tried a few but hands down, nothing beats ENPASS

Posted via CB10

dosto

Ridiculously complex passwords? Check! 2-Factor authentication? Check! LastPass? Check! Nice article.

Posted via CB10

huungryshark

I really wonder why not even the blackberry browser has a password manager. Not even a favorite manager! No swipe left and right for forward / backward website, lol even Evolution Browser has that.

Sometimes when I'm browsing the internet with my dell venue 8 pro tablet and touch internet explorer I think the blackberry OS10 Browser is just a bad copy of it.

Media Player also very bad, not even a equalizer lol come on Blackberry we have 2014

Posted via CB10

Charade

The problem is not with password keepers because it is these companies can't keep the hackers out and stealing the passwords from them.

I have lost passwords to...Sony, Google, bit.ly, yahoo, facebook X3, and twitter and now ebay.

The problem lies with them...I can keep track of passwords with great apps like Blackberry's password keeper...it is the need to constantly re-enter them as these companies get hacked.

I know this is the cost of being on the Internet, and this falls to the category of doing laundry as a job that just never ends...Just frustrated is all.

Authored on the Q10

qwerty4ever

I use Password Keeper to generate my passwords and when using SSH I use a certificate combined with a passphrase generate by Password Keeper. I usually add two-factor authentication for password change requests.

Posted via CB10 on BlackBerry Q5

cletis

"Mix up numbers, lowercase letters, capital letters and special characters."

A common, even prevailing, viewpoint -- which is quite wrong. I'll let Randall Munroe explain it, as he does so well: http://xkcd.com/936/

The only value in using special characters and random strings is that they result in a password which is better than what the typical user would use, like their birth or wedding date, or their dog's name.

Prem WatsApp

Hushmail.com does not recommend these passWORDs, but so-called passPHRASEs just as described in this comic strip article

furry cat defluffing device for weekend use

tomato juice colored drink makes vampires happy

(with or without spaces)

Password length is more important than complexity:

doG...................................123#
is apparently better than
FNydTg8p

"No Q10?" -> "Buy from Chen... "

Jean-luc_Picard

Well, let's look at this mathematically. I counted 93 different symbols, letters, and numbers on my BB10 keyboard that I think are standard enough to use in a password. If you use a completely random assortment of these for an 8 character password, the number of different combinations is 93^8, or 5.6E15 (roughly 5.6 quadrillion)

Meanwhile, if you have a 20 character password, but it is only lower case letters (of which there are 26), the number of combinations becomes 26^20, or 2E28. Since there are over a trillion times as many possible combinations, it is far more secure to have a password that's long, even if it's only lowercase, than a completely random password.

On the other hand, I've come across a surprising number of websites where passwords must be 8 characters or fewer, so you can't always have a long password, but the most secure password, if you can get it, is to have a long password with completely random characters, since using all characters in a 20 character password would have 93^20, or 2.3E39 possible combinations, which is over a billion times as many as using lowercase letters.

Posted via CB10

Prem WatsApp

Some good maths there, mate.

Zzzzwiped from a Zedevice....

dtarin

Last pass is great if you need a cross platform solution. Their BB10 app is a laggy android port but at least they made an effort to make it available in BlackBerry World. Wish they would make a native BB10 version.

Posted via CB10

christoph77

Always a +

C0038297E Quote of the Day (BBM Channel)

Doey68

If you use Password Keeper and lose your BlackBerry....... do you lose all your passwords?
I'm not using a password keeper / generator at the moment. I'm just about to start using enpass, which wasn't mentioned in the article for some reason.

Posted via CB10

harshadpatel

I highly recommend Enpass and their support is also top notch

Cyclingman25

I use a hak proof method. I have a little agenda I keep in a drawer on my desk. I write the passwords with pencil so I can change them as needed. I don't trust any password storage app. What if they break into it? Then you really are screwed.

Posted using my awesome Z10