Like seemingly everyone else in the tech world, the horrific tale of Wired editor Mat Honan’s hacking last week scared the pants off me.I tend to recycle the same three or four passwords (I know! I know! You’re not supposed to do that!) for just about every online service I use, so there’s a lot of overlap. Not good.
While Apple and Amazon fixed the loophole that led to Honan’s hacking, I was still nervous about the rest of my digital life. In the past two years, hackers have been able to figure out my passwords to Gmail, Facebook, and Twitter, flooding all my friends and contacts with spam messages.
So here’s what I did:
First, I enabled Google’s two-step verification for Gmail and other Google services. Two-step verification will only let you log in after you enter your password and a secret code it texts to your phone. For smartphone apps that need access to my Google account, such as the email app on iPhone, I had to ask Google to generate a unique password for each one. That got a little tedious since I didn’t realise just how many apps I use rely on data in my Google Account. Luckily, you only need to input those unique passwords once for each app.
Next, I dropped $50 (!) on a desktop app called 1Password. 1Password, as the name implies, only requires you to remember a single password for everything. The app acts as a locker that stores login information for all the stuff you sign up for. With a clever browser extension, you just need to log into the app once and it’ll automatically sign you in when you visit a site stored in your locker. Even better, if you think your passwords are easily guessable, 1Password can generate a random bunch of letters and numbers for you to use instead.
So I used 1Password to generate new passwords for my most important stuff like my Twitter account, bank account, and Facebook. I also invested in 1Password’s $15 iPhone/iPad app, which syncs over your home’s Wi-Fi network to the desktop app.
It took me a week of tediously inputting logins for everything I use from Gmail to Twitter to Hulu to Spotify into 1Password, but I finally feel like my passwords are much more secure than they were.
Is this a perfect solution?
And I’m sure if someone really wanted to steal one of my passwords he or she could figure out a clever way to do so. But I do feel way safer than I did just a week ago.