WAYNESBORO – This is Part 4 of a 6 part interview by Samantha Wolfe of the Law Offices of Samantha K. Wolfe LLC, with Cermak Technologies, Inc. owner Mike Cermak, Jr. The interview is lightly edited.
Sam: When I log into a website, my browser will ask if I want to save the password. I always pick ‘No’. Do I want to be picking ‘Yes’?
Mike: There are different opinions on that. It depends on what is saving it.
Most people on a Windows computer are using Microsoft Edge to browse the internet. When you log in, it does exactly what you said and asks if you want to save your password. In the past, if you saved it, the password wasn’t even encrypted on the computer. So, if I got physical access to your computer, I could read all the passwords that you ever saved, which is not great. Even if I didn’t have physical access and I got remote access to your computer, I could read all your passwords.
Now there is at least one level of encryption on saved passwords. You would also have to type in your computer password to be able to view those others you saved, so it is a little bit better. It’s still not as good as a password manager.
The password manager has better encryption and can share the encrypted passwords across many devices. Password managers also require that you do two authentications. If I knew you were using “1Password” for your password manager and wanted to get into that account, even if I knew your email address, which password manager you were using, and your password, you would still have to authorize me to read them using one of your devices. It is a much higher level of security.
For your average person at home, saving the passwords in their browsers probably isn’t going to be the end of the world, but I would rather have them use a password manager. Some of them have free individual accounts these days. Sometimes you want them to sync to multiple devices and you must pay for that, but even that is not expensive compared to the alternatives. There are a lot of good options there.
The rule of thumb is that if you know your password for a website, you are probably doing it wrong. You don’t have to know all those passwords for all those websites if you have a password manager right there in your hand.
The idea is you have one unique password for access to your password manager. You could use a biometric like your face or a fingerprint, but there is also a password you could type. This should be a unique master password or LastPass you use only for your password manager.
You should never use the master password or any variation of the master password anywhere else. That makes it a secure password because it unlocks all your other passwords, which have
nothing in common. Then if one website gets hacked, you change the password on that one website, and you are not vulnerable across dozens, or hundreds, or thousands of others.
~ ~ ~ ~ ~
See part 5 of this interview in next week’s edition. If you have technical questions you would like to ask, email [email protected] with the title “Ask the Tech Guy”. Mike will respond to your questions in the Voices section of LocalNews1.org.
Mike Cermak is President of Cermak Technologies Inc, with offices at 46 South Potomac Street in Waynesboro and 201 Prospect Avenue in Hagerstown. For over 20 years, Cermak has managed computers and networks for businesses in Franklin County, PA and Washington County, MD. They specialize in IT services for small businesses, including computer service, system management, business phone systems, surveillance cameras, and website development. Cermak Technologies can be reached at (717) 762-8234, 1-888-4-CERMAK, or [email protected].
Samantha Wolfe is an attorney in Waynesboro PA, located at 20 East Sixth Street, Suite 206, Waynesboro PA 17268. She can be contacted at 717-655-2676, or through her website, www.skwlawoffice.com
