You can improve the security of your online accounts by following a few simple password rules. Important in this regard are for instance the rules to never use the same password multiple times, and to select secure passwords and not weak ones.
Duplicate passwords can lead to a serious problem. Imagine one of the sites getting hacked that you used the password on. The attacker may decrypt the password and try it on other popular sites in hope that it may work in combination with the selected email address or username as well.
Weak passwords on the other hand are either guessable right away or easily decrypted via dictionary or brute force attacks. Selecting password, princess or qwerty as your password guarantees that attackers can decrypt it in record time to access your account.
The company behind the online password manager Last Pass announced two additions to its password manager that help users identify weak or duplicate passwords. The feature is currently only available in the Chrome version of Last Pass, but will be added to the company's other browser extensions in the near future.
It is activated by default and indicates a weak or duplicate password by changing the extensions' icon color to yellow in the browser's address bar. The password seems to be tested during log in only.
When you click on it, you open an explanation of what Last Pass detected. It displays the type of issue, weak password or duplicate password, explains what it recommends you to do, and displays the domain and user name of the site.
You can now change the password on the site, since you are logged in on the site. Last Pass will detect the new password and offer to change the current one to it.
If you do not want the alerts to be displayed in your browser, you can disable them with a click on the disable alert pulldown menu. Here you can disable the alert for the current website, or all weak or duplicate site alerts instead.
Here you can open Last Pass' Security Check as well which opens the page on the Last Pass website to run a check on all accounts in the database.