Summary (details below):
|What it does:||It’s a password manager: it securely remembers all your account logins, enables you to login in with one click, syncs logins across all your devices, generates and stores new passwords. Full details below|
|Where to buy:||Roboform|
|Price:||Free for a single device, from US$23.88 to sync across all your devices|
Please assume any links on this page are affiliate links. An affiliate link means I will get a small commission if you decide to buy the product, but it will not affect the price you pay. The price you pay is the same, whether you buy it through my link or go directly to the site.
I use the same password everywhere – why would I need a password manager?
Well, because if you use the same password on more than one account, no matter how secure that password was, it is now an open door.
Here’s the thing: the hackers are extremely smart, and they use a lot of very clever software to help them do their dirty work.
Guessing usernames and passwords is, for them, their daily bread and butter.
They use software that can make many millions of attempts a second to guess the username and password of any account they choose to try to hack.
And when they are successful, the login credentials they have discovered are the first to be tried on other accounts belonging to the same individual.
I, too, was one of those who used the same password on multiple accounts. Pretty much everywhere, in fact.
But I was lucky. I got away with it. Not everyone is so lucky..!
A real-life example of someone who wasn’t: a friend who used the same password on all his accounts recently called me up because he had received an email in which the sender displayed the password my friend used and told him that unless he paid money all his accounts would be hacked. The password they displayed was correct.
Long story short: he got away with it that time – either the hacker was benign (extremely unusual!) or he managed to create unique passwords before they locked his accounts down.
After our discussion he created new passwords, and he did it using Roboform – a password manager that finds and changes duplicated passwords, and then stores them securely.
Actually, given that he also got away with it you could say he was lucky too – but he had a closer shave to disaster than I did!
From the example above, you can see that using the same password on all your accounts is definitely not smart. Easy, yes. Convenient, yes. But not smart.
Using unique passwords on each of your online accounts minimises the damage a hacker can create in your life if they happen to hack one of them
How to create secure passwords?
So the next question becomes: ‘how do you create secure passwords?’
Quite simply, it’s a question of mathematics.
Anyone (or any computer program) attempting to guess your password must get all the characters correct and in the correct order.
Here’s a simple example:
If we assume there are 88 characters available (upper- and lower-case letters (52) numbers (10) and symbols (26)) then, if you have a password of 1 character, the hackers will get it within 88 guesses.
But if you add just one additional character, to make it a 2-character password, then they will need 7,744 guesses.
The number of guesses required (and therefore the strength of the password) increases exponentially with the number of characters you add to your password.
I always use at least 13 characters.
And the next question, of course, is how can I can expect you to remember unique, 13-character passwords (let alone different usernames) for each of your online accounts.
To which the answer is to use a password manager.
I have used the Roboform password manager since 2006 – here’s what it does for me:
- Remembers my username and password details for every one of my online accounts
- Securely logs me in to each of my accounts with one click
- Stores my login details for all my accounts securely, encrypted, and protected by a master password
- Generates and saves unique, secure passwords for each new online account I set up
- Audits my existing passwords to find duplicates
- Synchronises my login details across all my devices so I can access any account quickly from anywhere
- Fills in forms that I need to complete on different websites – e.g. billing and delivery details for my online purchases
I should point out here that many browsers offer to safekeep your login details. Even though they require a Master Password to protect your login details they are not kept as securely as a password manager would store them, and they are not synchronised across all your devices.
Quite simply: I would advise against using your browser to store your login details. They are too easily hacked.
How to set up Roboform
Got to the Roboform website and download the application. The Roboform website will know whether you’re using a Mac or a PC (Windows) and will present the correct version of the app to download.
Install the app on your computer and follow the on-screen instructions. You’ll need to follow these carefully because there are slightly different things to click depending on the browser you’re using and, with Firefox, you will also need to add the app through the ‘Addons > Extensions’ screen in Firefox.
It all works smoothly as long as you follow the instructions..!
The different browsers also let you access Roboform in slightly different ways. With Firefox you have two options:
- A button in the top toolbar to the right
- A tool bar across the bottom of the screen
In Chrome and Edge you only have the button in the top tool bar.
To access your logins in Edge and Chrome click the Roboform button in the tool bar and then click ‘Logins’ – your accounts will be displayed. In Firefox you can also click the Logins button in the toolbar at the bottom of the screen.
Using Roboform day-to-day
Each time Roboform recognises a new login it will give you the option to save it and you can assign a name to the login (called a passcard in Roboform). These names then appear in the list that’s displayed when you click ‘Logins’, and clicking them will take you to the login page and log you in.
One trick I learnt early on: When I set up a new account I don’t accept Roboform’s offer to save the login when I initially create the account details. The reason is because you often arrive at the sign-up page via different routes – e.g. from a referral, from an advertisement, from a recommendation, etc.
Usually these different routes have specific URL tracking codes added, and they take you to the sign-up page, which is often different from the log in page. Since Roboform is saving the URL of the page where you’re adding your details it may end up saving the wrong URL.
Therefore, I create a password manually, make a note of it, log out, go to the login page and log in again. Roboform will once again ask if you want to save the details and that’s when I click yes and give the login passcard a name.
Once you’ve logged in you can get Roboform to generate a new password, change the previous password in your account details and Roboform will save everything.
If you log in and change your password manually, Roboform will ask you if you want to save the new password. It warns you that it will replace the existing passcard details and you just need to click OK to have the new password securely saved.
I would recommend, though, that while you’re getting used to Roboform you keep a manual record of the first few passwords that you create. Once you’re comfortable with Roboform you can dispense with this.
Benefits to me
Here are the benefits to me of using Roboform:
- I have secure, unique passwords on each of my online accounts that I don’t have to try to remember
- I can log in to any and all of my accounts with just one click: Roboform takes me to the login page and logs me in, securely
- I can login securely to all my accounts from all my devices, wherever I am. This is a huge benefit given that I travel quite a bit
- My login details are stored in Roboform’s secure cloud storage, so if my computer or smartphone is stolen my login details are safe.
- I only ever need to remember one password: my Roboform Master Password.
To get the full details on Roboform, please visit the Roboform website:
How do you manage your passwords? Let us know, and if you have any questions please don’t hesitate to leave a comment below – I’ll get back to you as soon as I can
Owner – WP Security Basics