I’m a huge fan of 1Password. If you aren’t using it or some other secure wallet / password manager, you should go set it up, then come back and read this.
In any case, I often find myself browsing on my iPad/iPhone and land in some website that I need to log into (my bank, Twitter, Reddit, Google, whatever). Since I use unique random un-rememberable passwords on every single website, I have to:
Copy the URL from the Safari URL bar
Paste it inside 1Password’s built-in browser
Use 1Password’s auto-fill
or the reverse which is more painful:
Find the login info I need
Go back to Safari
So I wrote a small bookmarklet that will open the current Safari address in 1Password. It works with 1Password for iOS 4.1. And here it is:
In order to install it while on your Mac, just drag the “Open in 1Password” link to the Bookmarks bar. If enabled, iCloud Safari syncing will take care of making the bookmarklet show up on your iPhone/iPad.
Today, LinkedIn suffered a massive security breach, and 6.5 million passwords were stolen. I went and I changed my password for a new one and I am done. You should do the same, but it doesn’t necessarily mean that you are done.
If you re-use your password, then you are in trouble. You may be really good about not writing down your password and not telling it to anyone… but the breach can happen on the other side. It’s trivial for a hacker to write code to try out every username/password combination on many popular websites (Google, banks, Facebook, etc). Out of 6.5 million passwords, I’m willing to bet they would have lots of success. You should really, really use different passwords for each different account you have.
Impossible to manage? No. Just use a password manager. I use 1Password on the Mac, iPhone, iPad. It stores all the passwords locally and securely encrypted. The browser plug-in for the desktop is really good, and the app for the iPad and iPhone is ok. It all synchronizes seamlessly. It’s an expensive solution, but having your bank account drained or your identity stolen will be way more expensive. There are other similar products but I haven’t tried them.
Will this make you completely secure? Well, no…
…you are never 100% safe. But you can always do better.
And last, and admission: While I knew I was vulnerable because I was reusing just 2-3 passwords on all my online accounts, what prompted me to get serious is when I saw one of my passwords on this list. Shameful.