I was reading an article from the LastPass blog yesterday entitled, 2014’s Naughty eRetailers: Who Made the List? regarding password security for some of the top e-commece websites. Thankfully none of the brands I support were on that list but I’ve had discussions with a number of people about how we store and salt user passwords, including how we handle password resets and failed login attempts.

This afternoon I thought I would take some time to share with everyone two tools that I each started using about two years now. They’ve really helped me be both more efficient and secure. And with all the recent retail breaches it’s more important than ever to have complex and distinct passwords for each and every site where you have an account.

LastPass

I started using LastPass about two years ago after I became very agitated trying to manage a growing list of passwords in an encrypted Excel spreadsheet. Initially I was wary of having all my eggs in one basket but in time I overcame that fear after digging into the technology around LastPass to learn how it works and I haven’t looked back since. The idea behind the product is pretty simple? They’ll store and save all your passwords in the cloud behind an AES 256 bit encryption that is keyed to your master password. All they store is the encrypted data so they don’t have access to any of your information. You can quickly and easily automatically generate new passwords and you can have LastPass fill in the forms and even auto-login if you so wish. I subscribe to LastPass as a premium user ($12 yearly) in order to have access to their mobile application on my Android devices. You can create an account for free for use on any number of browsers including Internet Explorer 8+, Firefox 2.0+, Chrome 18+, Safari 5+ and Opera 11+. The wife is a big online shopper and I’m still trying to help her get the hang of using LastPass but it’s my opinion that my time spent educating her will pale compared to the time I’ll end up spending if all her different accounts get breached at a single time. You can download LastPass for Windows, MAC, Linux or Mobile free of charge. I’m still mindful to only access LastPass from a known trusted device, so as to avoid any malware or miscreants capturing my master password.

Evernote

I’m one of those folks that has hundreds of text documents scattered all over their laptop, desktop and/or mobile device. I waste far too much time trying to locate my notes from a previous upgrade or problem often failing to find the actual data I’m seeking. About two years ago I met Greg Ferro in person at Networking Field Day 4 and was impressed at how he organized himself. I picked up Evernote shortly thereafter and I’ve been trying to keep myself better organized every since. The great thing about Evernote simlar to LastPass is that you can basically carry it with you anywhere. Your notes are all centralized and maintained in the cloud which allows you access from your laptop, desktop, mobile device or web browser. I’ve taken to using a Samsung Galaxy Note 10.1 2014 Edition with the stylus for taking notes while working on problems or issues. There’s been a lot of competition lately from both Google Keep and Microsoft OneNote. I haven’t really had an opportunity to try either out but from the reviews and posts I’ve read it sounds like Google Keep really can’t match the features of Evernote, while Microsoft OneNote is a compelling choice for new users.

Cheers!

Note: This is a series of posts made under the Network Engineer in Retail 30 Days of Peak, this is post number 12 of 30. All the posts can be viewed from the 30in30 tag.