AFTER THE LASTPASS HACK, WHY PASSWORD MANAGEMENT IS STILL THE WAY TO GO
Although LastPass is more of a consumer-oriented product with a cloud service, it has a lot in common with all products in the privileged identity/account space. The basic premise is to 1) make all of your passwords unique, 2) store them encrypted, and 3) ensure that they are always available.
Any type of password management definitely beats Notepad, MS Excel or writing passwords down on a piece of paper. As humans, we sometimes feel that because an action takes time, we must have accomplished something. This leads to a false sense of security. Automated solutions, or even just automated storage, are far better than storing passwords manually.
BEST PRACTICES FOR PASSWORD MANAGERS
SUPPORT PASSPHRASES FOR AUTHENTICATION
Passphrases are more secure than regular passwords and much easier to remember.
This site has a great way of showing you the difference.
My Entropy is the bomb!
Which one is easier to remember?
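To put numbers on the comparison, here is an added example (not from the original post or the site it mentions) that estimates brute-force strength for the passphrase quoted above and for a random word-based passphrase. The short password, the 16-word sample list and all function names are constructed for illustration.

```python
import math
import secrets
import string

# Character classes counted toward the brute-force pool.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")

# Constructed 16-word sample list; a real generator would load a large
# published list such as a 7776-word diceware list.
SAMPLE_WORDS = ["anchor", "biscuit", "candle", "dolphin", "ember", "fossil",
                "garnet", "harbor", "icicle", "jigsaw", "kettle", "lantern",
                "magnet", "nectar", "orchid", "pebble"]


def pool_size(secret):
    """Number of characters an exhaustive search must try per position."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in secret))


def brute_force_bits(secret):
    """length * log2(pool): an upper bound, tight only for random strings."""
    pool = pool_size(secret)
    return len(secret) * math.log2(pool) if pool else 0.0


def random_passphrase_bits(words, wordlist_size):
    """Entropy of a passphrase whose words are drawn uniformly at random."""
    return words * math.log2(wordlist_size)


def generate_passphrase(wordlist, words=6, sep=" "):
    """Pick words with a CSPRNG so the strength comes from the random draw,
    not from keeping the method secret."""
    return sep.join(secrets.choice(wordlist) for _ in range(words))


if __name__ == "__main__":
    for s in ("P@ssw0rd!9",                 # constructed short password
              "My Entropy is the bomb!"):   # passphrase quoted on this page
        print(f"{s!r}: {len(s)} chars, pool {pool_size(s)}, "
              f"<= {brute_force_bits(s):.1f} bits")
    # A human-written sentence is guessable by phrase dictionaries, so the
    # figure above overstates it; random word selection gives a firm number.
    print(f"6 random words from 7776: {random_passphrase_bits(6, 7776):.1f} bits")
    print("generated (sample list, 24 bits):", generate_passphrase(SAMPLE_WORDS))
```

The per-character figure is a ceiling that assumes every character was chosen at random; the word-based figure is the one to rely on when the manager generates the passphrase for you.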
ALWAYS USE TWO-FACTOR AUTHENTICATION
CHANGE PASSWORDS OFTEN
The more automated the better. Your password management solution should do this for you.
Celebrate with coffee that you are not in the dark ages anymore.