How Password Management Tools Can Protect Your Identity
The Heartbleed password issue put a significant spotlight on password management tools and other security concerns. Heartbleed was game-changing because it wasn’t just an isolated hack into a specific site; this was a sweeping issue that affected hundreds of thousands of sites big and small. The complete list was a Who’s Who of major sites, with more standard bearers affected than not. In terms of fixes, the general public could only wait and watch for updates as each individual company address internal concerns.
The reason behind Heartbleed’s wide-ranging impact comes down to the nature of the issue. Rather than being a hack into, say, Google’s server or a piece of faulty server hardware at YouTube, the Heartbleed issue stemmed from a security protocol that nearly every site uses as a data transaction standard. OpenSSL (secure sockets layer) is the standard that governs password logins and other authenticated transactions across the web. If you see a site with a padlock icon and/or the prefix https (rather than http), it uses OpenSSL. The Heartbleed issue surrounds a security flaw that exposes critical data in OpenSSL, thus making it an all-encompassing security concern and highlighting the need for password management tools such as the ones below.
LastPass: LastPass is a freemium (basic level free; premium features available) password management tool that utilizes a secure cloud password database for users. The service uses an encryption that LastPass servers don’t access — it is encrypted before transmission, thus protecting it from Heartbleed. Should another similar issue occur, LastPass users would not be impacted.
1Password: At $40, 1Password is more of an investment than its freemium competitors. The main application lives on your local drive, which keeps it secure but isn’t quite as convenient for the world of instant cloud access. As for Heartbleed, 1Password uses a different encryption then OpenSSL, so any 1Password users are not vulnerable to Heartbleed related issues.
Roboform: Historically used as a tool to auto-complete forms, Roboform is a locally installed premium application that is now focused on password management and one-click login. Regarding Heartbleed, Roboform does use OpenSSL; however, it uses versions that are not affected by the Heartbleed bug. If, though, another similar bug is found, the OpenSSL nature of Roboform may make it vulnerable.
Once you’ve got your password management tools selected, it’s time to think about marketing your business. Forward Push Media is a full-service marketing company, offering everything from creative consulting to website design to SEO.
By Marc Apple