Passwords are one of the necessary annoyances of the web. The problem with security, though, is that the stronger it is, the harder it is to use. The more complex a password is, the more secure it is, but the harder it is to remember. This leads to using the same password for all your web accounts.

The reason that using the same password everywhere is dangerous is that web sites have occasional security breaches. Hackers will break into insignificant sites and steal their list of usernames and passwords. Then, they'll use this list to test out more important sites (like banks and shopping sites) to see if the same username and password was used anywhere else. This is the most common way, for example, that hackers get into email accounts and send spam to all your contacts. The solution is to use a different, complex password for every site that you visit. The challenge is remembering those passwords.

That brings us to services like LastPass, my preferred password management service. Here's how it works:

  1. Create an account with LastPass, choosing a single, memorable password
  2. Install the plugin on your web browser (it works on all of them)
  3. LastPass will import any sites you've saved in your browser, and when you log into a site it will prompt you to store it in their system
  4. When you sign up for a new account, LastPass will help you choose a complex password, then store the new site in their system

This is all the easy part. The only challenge is that LastPass can't go through and change all your passwords for you. You have to do that on your own, but LastPass will at least assist you by making up the passwords and storing them for you.

Once you're done getting all your sites into LastPass, when you open your browser, you log into the service once, and now any time you need to log into one of your sites LastPass will automatically do it for you. You only need to remember one password, but each site you use will have a different password.

LastPass also works on mobile devices, which is the only time you have to pay them anything. They charge $12/year for mobile access, which is well worth it. On Android, LastPass can even log into your apps for you.

Some other features of LastPass:

  • Form filling function: I never have to type my name and address into a form because the service does it for me.
  • Security audits: the service will create an assessment of all the logins you import into it, and show you where you're using the same login in multiple places, and assess how strong your overall security is.
  • Heartbleed: LastPass will keep track of which of your accounts are affected by the Heartbleed bug. They'll update their site to let you know when you should change your login info on those sites.
  • Two-factor authentication: in a future post I'll discuss two-factor authentication, but LastPass supports it, which is good.
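
The reuse check behind the security audit, combined with the password generation from step 4, can be sketched as follows. This is an added example, not LastPass's code; the vault entries, the character set and the function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets
import string
from collections import defaultdict

# Constructed sample vault of (site, username, password); not real credentials.
SAMPLE_VAULT = [
    ("forum.example", "matt", "Summer2014"),
    ("bank.example", "matt", "Summer2014"),
    ("shop.example", "matt@example.com", "Summer2014"),
    ("mail.example", "matt", "k3!Vq9#xLp2@Zr7w"),
    ("news.example", "matt", "password1"),
]

# Assumed character set; real sites differ in which symbols they accept.
ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_"

def generate_password(length=20):
    """Draw a password from the OS CSPRNG, retrying until every class is present."""
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        checks = (str.islower, str.isupper, str.isdigit, lambda c: not c.isalnum())
        if all(any(check(c) for c in pw) for check in checks):
            return pw

def find_reuse(vault):
    """Return groups of sites that share one password, without exposing it."""
    # A per-run HMAC key means the grouping tags are useless outside this run.
    key = secrets.token_bytes(32)
    groups = defaultdict(list)
    for site, _user, password in vault:
        tag = hmac.new(key, password.encode(), hashlib.sha256).hexdigest()
        groups[tag].append(site)
    return sorted(sorted(sites) for sites in groups.values() if len(sites) > 1)

def rotation_plan(vault):
    """Assign a fresh, unique password to every site caught sharing one."""
    return {site: generate_password() for group in find_reuse(vault) for site in group}

if __name__ == "__main__":
    for group in find_reuse(SAMPLE_VAULT):
        print("same password used on:", ", ".join(group))
    print("sites to rotate:", sorted(rotation_plan(SAMPLE_VAULT)))
```

A breach of any one site in a reported group exposes the login for the others, so those are the accounts to change first.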

All of the data stored on their servers is encrypted, and security experts have determined the service to be highly secure. As an added bonus, they're a local company founded in Vienna, VA and currently operating out of Fairfax. I've been using LastPass for almost 5 years now, and I consider it completely safe to use. I find it invaluable. If you need any assistance setting this service up, contact 3TG for help.

Author: Matt Maher