For our Citizenship topic I wandered into the sub-topic of security which IS critical and practical reality. Passwords and login practices around my world are frankly awful! People respond to my pleading like I’m a paranoid fool. Who is the fool? I think it is just as important as sex education, safe driving or street smarts- seriously! It’s part of digital citizenship. Either we ( educators ) teach it or avoid it. We have chosen to own the bullying problem and other social ills so why not digital identity safety? Anyway, here is my practical contribution. A trial in password software.
I read Dan Misener http://misener.org/my-password-is-bigger-than-your-password/ of CBC Spark, talking about the future of login security and then read his old post. I also jumped off and tried his recommended application for storing and encrypting all my passwords. Dozens ! Hundred pieces of data – easy. I bought a family license of 1password by Agilebits. I have personal IDs , school IDs and dozens of vendors and logins related to gateways for my school library so online access and management was a major chore. Add credit cards and online banking to the mix and digital business online is a worry. It is NOT just a nuisance.
It’s not just about sticky notes under your keyboard. It’s about your footprint and your day to day management. In January, my school credit card was jacked online. The bank was diligent and efficient but I was pushed into revisiting my practice because the truth became clear. Even the banks cannot alter the hazards. They are only reacting. I had a pretty good system I suppose but I felt I was still vulnerable.
Here is what I was doing:
1. I kept my school credit cards, accounts , email and services separate from home- always.
2. I have one home card with small limit, just for online
3. I used 2-3 passwords with a pattern, over and over, changing up when I could or forgot. I used ‘fishing lake names’ key numbers, and key hex char in location.
4. I stored these IDs and my PINS in a text file on a flash drive. Backed up 2 places, when I could. One location, private online. I wasn’t completely efficient nor happy.
Here is what I now do:
After installing an app on my home Mac, installing plugins for my browsers including my work PC, and installing my iPad app..configured keys.
1. I now login to 1Password with my MasterKey
2. I turn private browsing on, don’t store any logins in my computer browser cache,
3. I can access my encrypted logins from my browser’s 1Password plugins or reveal my IDs if I forget.
4. As I enter new services or logins, Im prompted if I want 1Password to store it.
You can choose to store your encrypted key file on a memory USB or store in your Dropbox account as a private file. As I browse from iPad to Mac to PC or work to home and around, I am accessing dozens of unique encrypted logins and storing vital data, from ONE safe storage place. Not leaving or losing files around is a bonus. Knowing my accounts are hard to crack is better.
It took a awhile to slowly change all my logins and make them challenging and also go through storing them in 1Password but it is a powerful utility. It will generate complex keys for you too. So far, it seems like a good made-in-Canada solution even if it takes some time to sort it all out.
We will see… Bottom line? I can find forgotten passwords. All my logins IDs, credit are encrypted , and not stored in my computers cache AND are very hard to crack- not impossible.