latest updates from easySERVICE™
Passwords are a big problem. They can be made very secure, but only by making them unusable. To use passwords securely, you need to make them complex, not reuse them on different sites and change them periodically. Humans can’t do that by themselves. That’s why password managers were invented.
This week LastPass, one of the major companies in the password manager business, made an announcement that fills in one of the last great gaps in password management: compatibility with mobile apps and browsers.
Password managers keep all the user’s usernames, passwords and the sites for which they are used, in a strongly-secured database. When the user accesses one of those sites, the password manager fills the appropriate fields and logs the user in. This arrangement means the user only has to remember one very strong username and password for the password manager itself, and then passwords for the sites can be unique and random. Password managers will also generate strong passwords and some, like LastPass, support two-factor authentication for access to the database.
There has been one glaring hole in this arrangement until now: mobile apps and browsers. Mobile operating systems have stronger security designs than desktops, and generally prevent one app from directly accessing the data of another, as password managers do with login forms.
So users of password managers and mobile apps have to manually go to the password manager, copy the username and password to the clipboard and switch back to the app and paste them into the appropriate fields. And since there’s just one clipboard you may have to do this twice. LastPass also comes with their own mobile browser, based on the free, open source Dolphin browser, because they couldn’t stuff fields in Google’s Chrome.
The latest version of LastPass for Android can work with mobile apps and other browsers very much like it does on a PC. When you get to a login screen on an app, LastPass pops up to offer you the appropriate login.
It’s not quite as polished as it is on desktops. Sometimes you have to touch in the login field before LastPass pops up. Some sites make things difficult by marking the fields as non-editable. But these are the exception rather than the rule, and they tend to go away as companies like LastPass reach out to the sites about the problems.
Source: Associated Press