Episode: 248 |
Will Bachman:


Will Bachman


Show Notes

Why you should use a password manager

Deep dive on how to set up and use LastPass

One weekly email with bonus materials and summaries of each new episode:

Will Bachman 00:01
Welcome to Unleashed the show that explores how to thrive as an independent professional Unleashed is produced by Umbrex, which connects you with the world’s top independent management consultants. I’m your host Will Bachman. Today, I want to encourage you to get a password manager, if you haven’t done so already. If you already use a password manager, then you can safely skip this episode. If you don’t already use a passage Password Manager, then you probably fit into one of the two categories. A, you are not convinced that you ought to use one or B, you’re already convinced that you should use one but you’ve been holding off because it seems like a major hassle. Or you aren’t sure how to get started, or you just haven’t got over the activation energy. Or it’s always been important but never been urgent enough. Before I go into how to set up a password manager, I’ll see if I can convince those of you in Category A of the importance and value of a password manager so that we’re all in Category B at least. Okay, so if you aren’t using a password manager, then number one, your passwords are almost surely not strong enough, you’re probably not using the 12 characters, the combination of uppercase, lowercase numbers, symbols, and no actual words or numbers like your birthday or anniversary. Number two, you probably reuse some passwords on multiple sites. Number three, you either write down your passwords in a file that could be hacked, or on some piece of paper that can be lost. And number four, you don’t have a convenient mechanism for sharing your passwords securely with a loved one or a business partner in case you’re incapacitated for some reason. So even with a highly secure, strong password, it is possible to be hacked. But it’s a bit like the old joke about the two campers who see a bear coming after them. You don’t need to outrun the bear, you just need to outrun the other camper. The same thing with passwords, you don’t necessarily have to have an unbreakable password. I mean, the NSA could probably break it, you just have to have a be a harder target than the other schlubs were using password 123 or their kids middle name. Because the hackers are gonna focus on those who are easiest to hack. So let them hack someone else, not you. So the benefits of a password manager number one, you can easily create a different highly secure password for every site where you have a log on. Number two, you no longer have to remember those passwords or worry about writing them down. Number three, you can log into those sites on your phone or tablet or web browser securely without needing to type in the password. Number four, you can selectively share passwords with other people. And you can control if they’re able to see the password or not. And number five, you can store other stuff securely in addition to passwords, such as credit card info and social security numbers. Okay, so if you’re convinced, let’s move on what password manager should you pick, there are several options out there, I expect many of them work in a similar way. So reviews online suggest that good ones include LastPass dash lane keeper in pass, that’s EN pa SS and one password. That’s the number one and the word password. I’m going to discuss LastPass. But I get I think that the others are going to work in a similar way. So when you get a LastPass account, you can then add the LastPass extension to Chrome. If you’re using the Chrome browser, you can also get the LastPass app on your phone. The first thing you want to do is add last add to LastPass your current usernames and passwords for all the existing sites where you already have accounts. So don’t do what I did. I did some manual x I did like a manual export of the passwords that were stored in Google Chrome on my browser into an Excel file. And then I manually uploaded imported those into LastPass. And it was a super clumsy process. There’s actually a way to import passwords from the chrome Password Manager directly into LastPass. And I’ll include a link for those instructions in the show notes. If you only have a few passwords that you want added the LastPass. Another way to get them in there is that once you have the Chrome extension installed, you can just go to each website and login. Whenever you log into a website that is not already stored in your LastPass. vault LastPass will have a pop up that asks if you want that username and password added to your vault and you just click Yes. So next you may want to go to sites where you have somewhat weak passwords and change those into strong passwords. Now, you can go to the security challenge feature on LastPass and LastPass. We’ll use its brain to look at all your passwords. It determines if any of those passwords are weak on their own, or duplicates of each other. It’ll also check if any of the websites that you log into have been breached by a hacking attempt. And they’ll give you a list of all the websites where it recommends that your password be changed. And then you can have LastPass automatically update those passwords for you with a click of one button for all of them. So you don’t have to go to each individual website and go to your account settings and look for security and then click on change my password and then change your password. With one button, you can do a bunch of sites all at the same time. If that makes you nervous, just pick one site that you don’t care as much about unselect the rest, let LastPass auto update that one and convince yourself that it works. After you change the passwords, you’ll then need to re log into the email and the various apps on your phone. But if you have the LastPass app on your phone, and you’ve logged into the app, then when you attempt when you log into an app LastPass will pop up and offer to fill in your username and password. So this whole process of just getting started does take a bit of fussing around. So I plan to do this when you have at least two hours that you can set aside. There’s so there is a bit of activation energy involved. But once you’ve done this life becomes so much easier. In the future. When you’re creating an account on some new website and ask you for your password. You just right click a LastPass menu pops up and you click generate new password LastPass will generate a password, populate it on any page there. And then when you click Create Account on the website LastPass will add that website username and password to your LastPass vault. So you never need to come up with new passwords or take the time to record them anywhere. The only password that you really need to remember is your password to LastPass. And that one you do want to be altra secure with at least 12 characters uppercase, lowercase numbers, symbols, no words, no meaningful numbers. The easiest is probably to find some totally random phrase that no one would guess that you would come up with and use the first letter of each word, some phrase that’s not associated with you anywhere. For each password that you store, there’s also space to add some notes. And I use those for useful information. So for example, along with the username and password for a hotel chain or airlines website. In the notes, I’ll put my loyalty plan membership number, and the phone number for customer service. In addition to storing passwords, LastPass can store payment card info securely. And then when you’re on the browser and asked to fill in payment info, you can right click and LastPass will let you select from which payment card info you want filled in. You can also store social security numbers in there for your family. And that’s safer than keeping them in some non secure note on your phone. You can also store passport info for each member of my family, I added all the passport info including a photo of the passport. And that makes it handy when you’re filling out all the immigration for firm forms as the plane is landing. You don’t need to whip out all the passwords passports, because you’ve just got the info on your phone. And if you lose a passport when you’re overseas, you’ll have the photo handy to show the consulate. LastPass has a family plan option. And if you get that you can create sub accounts for each of your kids. And then you’d be able to access their passwords if you need to. You can share passwords with someone else who has a LastPass account. And you can control if the person is allowed to see the actual password. Or if the password will be hidden to them, they can still fill it in on a website but hidden to them. So if you your significant other both of LastPass accounts, you can share passwords. For things like joint checking accounts. You might also want to write down your LastPass password, seal it up in an envelope, store it somewhere secure in your house such that if you are incapacitated, or if you pass away, your significant other will be able to access your accounts and manage things. Or if you and some co workers all need to have a joint log into some service that you use. Then you can share that share that password using LastPass. if everyone’s using that tool, and one person if they update the password if sort of the owner of that password updates it then everyone else can get it you don’t need to go telling everybody will update automatically in their LastPass account. So I hope this has been a helpful introduction. If you have been thinking about giving this show a five star review on iTunes, now would be a great time. Your review helps others discover the show. If you would give it four stars or fewer than just don’t bother. I’d love to hear from you with any questions that you have about independent consulting. You can email me at unleashed@umbrex.com Thanks for listening

Related Episodes


Author of Imposter No More

Jill Stoddard


Author of For Profit: A History of Corporations

William Magnuson


Commercial Leadership Roles in Professional Services Firms

Scott Ratliff


How Expert Networks Can Add Value to Primary Research

Ammad Ahmad