How do I manage RSI
Manage your logins with a password manager
- Audio & Podcasts
- Current article
A login for all websites is convenient, but carries great risks. The alternative: a password manager.
Author: Méline Sieber, moderation: Sandra Schiess
To subscribe to this podcast, you need a podcast-compatible software or app. If your app isn't in the list above, you can simply copy the feed url into your podcast app or software.
It's very convenient: we can log into many websites with a Facebook or Google account. So we don't have to create a separate account for websites such as Tripdavisor, AirBnb or Ebooking, we just have to give Facebook or Google the OK to allow us to log in to these third-party websites with the same login data. It's practical and convenient.
But with this we create a single, major weak point: If information about our Facebook login ends up in the wrong place, attackers can also access our data on all of these authorized third-party websites. This is exactly what happened last week: Unknown people stole data from 50 million Facebook users (Facebook statement). Part of the theft was not the login data itself, i.e. user name and password, but so-called “access tokens”. These give the okay that a user can log into a third-party website via Facebook. The attackers can use these "access tokens" to access these authorized websites without knowing the Facebook login data.
The incident illustrates that while single sign-on is convenient, it involves major risks. The only remedy is inconvenience: Always create a separate login for each web page and avoid single sign-on. This leads to an abundance of login data that can best be managed with a password manager.
These password managers are recommended:
- Under “Facebook settings => Apps and websites =>“ Active ”tab, check which third-party websites you have activated“ Single Sign-On ”for your Facebook login and can deactivate it.
- Do not use any (password-protected) Word or Excel files for password management.
- Password managers also help create good passwords.
- Password managers primarily run locally on your computer, but are also available in the “cloud”. While this allows you to access your passwords from anywhere, it poses an additional risk.
- The password for the password manager should be treated like other sensitive content: Write the password clearly legible on a piece of paper and keep it like the jewels of the great-grandmother or the tax return. Because if this one password gets into the wrong hands, all of your remaining login data will also be compromised.
- Make a regular backup of your password manager on a separate medium (CD, USB stick, external hard drive). Password managers often offer this backup option within the program.
- Audio & Podcasts
- Current article
- What is the essence of the experience
- Has Obi Wan died a virgin
- Are men interested in cellulite
- Nazi Germany had computers
- What is a paper ring
- When does the market open
- How should we learn for UPSC ourselves
- Every American should practice politics
- Why does Allah hates divorce
- Why is Marmite so salty
- What are the subgenres of science fiction
- Can offend a blocked punt
- Does existence have an intrinsic value
- What is the best age to get veneers
- Odin lives in Denmark
- What is unique about Wolfram Mathematica
- Have Dutch citizenship on Curacao
- How is SIP useful
- How are planes transported
- Can I get to UNC Chapel Hill
- How do you make ragu taste better
- Why do rappers call their guns Nina?
- Liquid eyeliner is difficult to remove
- A vacuum can contain a liquid