Aug 24, 2012

For the Love of Passwords: Thoughts on Ars Technica's Post & End-of-Week Link Round-ups

If you missed it, Ars Technica's Dan Goodin wrote a fascinating article this week on why passwords have never been weaker -- and crackers have never been stronger. Goodin explains the importance of unique, generated passwords for all of your accounts, tackling concepts like hashing, dictionary attacks, rainbow tables, and salting. The main take-away points:
  • Passwords are less secure than even a few years ago, thanks to advancements in hardware and password-cracking techniques, including the sheer speed at which they can be executed
  • Hackers have created rules and algorithms to cut through our "clever password tricks"
  • It's critical to use a unique password for each site, and a password manager is the best way to achieve this
It's stuff you've heard us say before, but the data he uses to back up the above provides a really convincing argument (if you have the time, the article is worth a read in its entirety).

With a password manager like LastPass, you're well on your way to more proactively protecting your data - the security challenge can also help you identify weak and duplicate passwords, and the password generator can help you set long, unique passwords for each account. Data stored in LastPass is encrypted and decrypted locally, and is protected behind a whole lot of encryption technology, including salted hashes. But above and beyond that, LastPass is also staying far ahead of the threat landscape by implementing PBKDF2, which Goodin notes significantly increases the time and computation required.

A few other articles this week that caught our eye:
What caught your attention this week? Share in the comments below!

Enjoy the weekend,

The LastPass Team