Security
Just like backups, the best security protocol is the one you will use.
Passwords
Too many people re-use the same password or minor variations across multiple sites. This is a terrible idea. If one of those sites is compromised, then all of them are.
Have you been ‘pwned’? Data breaches, in which thousands or millions of user accounts and passwords are leaked on the internet, happen regularly. You might be shocked to find that one of yours is among them. Enter your email address at HaveIBeenPwned.com to see how many data breaches it’s been involved in.
Passwords vs passphrases
The best password to use is a passphrase. The length of your password is more important than whether it includes special charaters, numbers and so on.
Password managers
The best way to keep your passwords different and secure is to use a password manager. Getting used to using a password manager is a great investment in your overall experience of using the Internet. Most password managers have browser plugins that can fill login forms automatically.
-
LastPass: Griffith’s supported password manager. It is available to all staff.
-
Bitwarden: free and open source, multiplatform, simple to use. Very modern and well-regarded.
-
1Password: high quality commercial (paid) option. It’s been around along time and has a good reputation.
Our recommendation: Bitwarden
Although LastPass is a partner of Griffith and is offered free to staff, the app is not as seamless as Bitwarden, and your license will not come with you if you leave Griffith. For that reason, we recommend going with Bitwarden.
The future is passwordless
Soon, there won’t even be a need to keep a password manager handy, let alone remember all you passwords. A new standard being adopted and promoted by all major technology vendors, will allow your device (whether it’s a computer or a mobile device) to generate unique, unguessable and unhackable login keys. Because they’re stored by your device, you’ll never forget them. And because you never see them, no scammer can ever trick you into divulging them.
Here’s a video from Apple’s 2022 Developer Conference that explains things in more depth.
Expect passkeys to become a login option for many of the major technology platforms in the next 12-24 months.