Published 1/24/2020 in The Maryland Daily Record
Several years ago, I became convinced that saving passwords in a notebook or Excel spreadsheet wasn’t the safest way to go.
At that time, having a smartphone was still new to me. I relied on an employee in my office to do the research on the best options in the market for online password keepers. Without much more than her recommendation, we managed to sign up for the only service that did not have a mobile app. I told myself this service must be the safest. Despite the pushback from others more in the know, I felt that we had taken a step in the right direction and committed to using this website-based service.
While this service did offer meaningful advantages over my paper and spreadsheet approach, it remained necessary to remember every possible password when accessing something online. When a password was forgotten, which I admit was often, I would have to open a web browser, enter a username and password. This would then prompt a key phrase that was set up by someone else.
The phrase was easy to remember, actually. It was a true sentiment about my favorite sport. The problem was that typing it was very difficult. Especially when I was often doing this in a rush to access whatever website I had forgotten the credentials for.
Over time, we attempted to migrate to a mobile-enabled service called LastPass. I was hearing about how easy this service was to use but I was slow to change. I didn’t understand the technology that would allow a single login to LastPass that could reach any website that required credentials to log in.
In my best effort to delegate, I agreed to try it. Because I tend to move at light speed, I didn’t invest the time to fully understand the system and the protocol.
Soon after making the switch, I forgot what LastPass calls the “master password.” This means that only the login to LastPass is required to access all other passwords. If this one is forgotten, all content saved in the site is lost.
Gone. Not able to be recovered. Ever. So, all was lost.
Strategy No. 2
I swore off of this ridiculous service and stuck with the old-fashioned archaic PassPack original version. We became aware that PassPack introduced an updated version that seemed much more consistent with current technology. However, any time we needed customer service or when we wanted to learn how to convert to this new application, it was too difficult to access anyone to talk to, chat or email with to get the information.
Ultimately, the old version could not be converted. So, we stuck with it even longer. I adapted by committing to use the same variation of the similar passwords for everything. This had to be an approach that would surely make my life easier.
This continued for another few years. Years filled with constant frustration with me attempting to remember, often forgetting, resetting, updating, filing in all kinds of possible combinations, ultimately having to access a web browser to access the PassPack home base.
As I would enter more into PassPack, we realized that no one in my office could view my entries. It became very complicated to share these, and again, there was little tech support to make it easy to fix. This went on for too long, even as we heard more frequent warnings about cyberattacks that made me feel more vulnerable.
Our information was so safe that only I could access it in many cases. This is not ideal. We have been through too many situations where access is needed yet only one person holds the key to unlock the data.
Back to the future
That brought me to a conversation with a friend who works in cybersecurity. His company requires all employees to use LastPass and they provide this as a benefit that includes personal credentials. The employees are required to use this on their work computers and mobile devices.
The way he explained LastPass functionality sounded too easy to be true. It also sounded super secure.
Fast forward. Within the past 6 months, we exclusively use this. The process is so simple. Now the technology uses a fingerprint from a smartphone to log in and a plug-in that is so easy to use that I now rely on the complex combinations suggested for passwords.
I don’t know my passwords and I don’t need to. The amount of mental exhaustion and relief is meaningful. Enough users must have forgotten their master password because LastPass now has a way to recover this so all will not be lost.
This has taught me a big lesson — to be more open to things that actually can make life easier. With all we are managing today, this is one big value add.
—Dorie Fain, founder and CEO of &Wealth