 Should you use a password manager and how to keep your password safe? We're talking about that today on the journey Now today on the journey. I have a special guest Alicia with security. She is our security expert Thanks for coming on the show today. Thank you for having me and today We're talking about how to keep our passwords safe and what is a password manager? But let's start with how to keep our passwords safe because I'm probably rocking not this most secure password right now Well, I would say that like CLU are the things to remember so complex long and unique complex meaning a mix of characters So uppercase lowercase some symbols some numbers Long so the longer the better it just adds more permutation the more characters that you add and then unique So try not to reuse passwords I know pretty much all of us are guilty of it If you're gonna do that keep it for the you know counts that you really don't need the throwaway accounts for you know Some social media website. You're never gonna use that much That's a really good way to do it keeping tears of passwords And but just making sure that you get them as unique complex and long as you can that makes perfect sense And it was super important that you said don't use the same password for every single account Cuz if low and behold a hacker gets a hold of one that means they have access to everything your bank social media Any sites you've accessed totally and there's some really great tools like have I been pwned? It's a website where you can put in your email address and find out if your email address has ever been involved in a data breach If it has and you use the same password all the time for everything that means all of your other accounts are pwned All right, what are some other concerns that we should really think about with our passwords Well, I mean some people will default to a strategy like okay Well, I'm just gonna use like my dog's name and I'll replace some of the letters with numbers like Okay, first of all if a hacker is really trying to go after you they're gonna do some research and find out some things about you So birthdays password Dogs names like yeah, I definitely saw that on mr. Robot That was the first thing that he did to try to find passwords did research on that person and the passwords were usually related to that I know it's a TV show, but it's a lot more real than you think Yeah, actually at Sakurai all the people who work there just love that show because they put a lot of effort into like making sure That it's accurate But another consideration that you think about is not sharing your passwords You know like you you never really know you don't want them written down on notepads or something like that You don't really know how safe they are that way, you know if you're sharing them with somebody There's more secure ways of doing it. There's tools like quick forget That'll allow you to you know put a little secret online and share a link with somebody that expires after it's been viewed So sharing passwords via chat and stuff like that for different things are not a good idea or emailing passwords Really not safe. It's super not safe I've ran into lots and lots of situations working at go-to talking to the small business owner that gave their passer to their employee after a while that employee was no longer an employee and They had all their information and it was not pretty what they did Totally, that's why it's also important as we mentioned in like our you know Some of our previous videos like the network security tips for small businesses up there You know that you want to make sure that you're documenting this stuff If you're gonna share password to somebody or you have access for somebody when they leave your organization You want to make sure that you're changing those passwords So something that I have on my phone is Google factor authentication, but tell the audience about 2FA So to factor authentication or multi-factor authentication if it's more than two is just another step after your password So you've typed in your password and for most people they'll go to their mobile phone and open an app like Google Authenticator and it'll have a list of time-based codes for each of your accounts those expire after like 30 or 60 seconds So you've typed in your password and you only have so long to enter that 2FA code It's usually a six care six digits or something like that makes sense But that would mean that a hacker would not only have to have your password But they also have to have your mobile phone with the app installed in order to break into your account So by all means if there's 2FA available on your account, please turn it on It's one of the best things you can do to secure your accounts now with passwords I have so many sites that I long into Sometimes I forget Google doesn't always save it for me and it's still just it's just a battle Is there something that I can use in the audience to use to help us out? Yeah Well first of all stop using Google to save passwords because Google saves them in plain text and use a password manager These applications are designed just to store and protect your passwords Okay, so what you do is you set up a super crazy master password This is like your one password to rule them all and so Essentially once you log into the password manager It'll start storing the passwords as you log into sites and offering to save them the next time you come back to that site It'll auto fill it for you. Okay, so you can get it for your phone You can get it for all your browsers You just have to log into that password manager application and then from there on it takes care of it for you And it'll even generate passwords for you so you can have long crazy completely scrambled passwords Most of my passwords are 20 characters just for reference security expert was like 64 on the password generator So that's a really great way to make sure you absolutely have unique passwords for everything last pass when I use even has a security test That will go through all of your saved passwords and let you know which ones are not unique and how you can make them a little more Strong now can you give us a little demo of the audience at home? Yeah, how to use that password manager for sure. Let's do it cool All right, so we're here you're gonna give us that demo of a password manager, right? Totally. Yeah, and there's a lot of different password managers out there So you can look and see what's right for yourself. I know a lot of the people at Sakura use key pass Okay, it's not online. You can use a USB stick like a you big key in order to log into it Yeah, so you have to have that with you. I use last pass personally It makes it really easy for me to share passwords with my team and that kind of thing It is available on Windows Mac Linux and mobile so you can take it with you everywhere, which is awesome So first to start off you need to make an account So I've just used a just quick 10-minute mail fake email address right now for the purposes of this video And let's make a master password. So this one has to be a really good password. So complex long and unique That's CLU. Perfect. So I like to think of one That's a little bit easy. In fact, the advice that last pass gives is to tell a story That's unique to you. So I'm Canadian. So what's the most Canadian thing you can think of? So two things come to mind maple syrup and Justin Bieber. All right, okay, I can work with that So let's type the word maple, right, but like that's a dictionary word. It's easy to actually hack that because brute force programs will actually go through and just Combine a bunch of different words together and try to replace stuff and that kind of thing So that makes sense. Yeah So we'll just change to the a to an at symbol change the e to a three and then we'll do Bieber And maybe Hashtag or something like that. Okay So we've got at least 12 characters and now we need to make sure that we can type it in again My favorite thing to do here is to write it down briefly and then just Practice typing it in a bunch and you'll eventually get muscle memory and be able to type a super long password in no time Pretty easy. So we'll just um make maybe make note here pancakes for Cakes and pop music. All right, cool. So now we can unlock the vault new band name and now that we're logged in we can go ahead and Just get into last pass in the browser So because I've downloaded it here to Firefox, all I need to do is log in which last pass is already done for me here Sweet and now I'm creating an account on another website So instead of having to create a password right now and as you can see go daddy's got their little strong password Like meter there, so I can click generate a password right from last pass And I can even change the options to make the password longer. I can make sure that's a winner right there Yeah, let's go. Yeah, obviously that one is not gonna get hacked right right super difficult They even have options to make it easy to say or easy to read although honestly once you get to 26 characters I think So yeah, so I'll just go ahead and go fill that password. It's gonna offer to save it right away So I just go ahead and add it that's awesome And now I'm good to go I create my account and the next time that I go ahead and log back into go daddy so I'll log out right now and Go to log in and When I go to log in because I'm still logged into last pass It's just gonna go ahead and let me know that there's a matching username and password and boom I can log in So I never had to remember my password. It's way stronger than I would be able to make it on my own Wow, so that was super easy Thank you so much for sharing how to use a password manager with us my pleasure So that's all we have for you today Go ahead and smash that like button if you like this video add a comment below on what password manager you're gonna use And while you're here subscribe to our channel ring that bell so you get these videos first This is the journey. We'll see you next time