Security and Passwords are extremely important to the Photographer’s Workflow
How can you prevent being a victim? Or worse yet, having your friends, family and photography followers victimized by emails that they think came from you? Use hard to guess passwords and never use the same password in more than one location. But that last part is the most difficult, keeping up with all those passwords.
There are several password management apps out there, and some people use a password protected Excel file. Personally, I use 1Password from the AgileBits company (about $3 per month, billed annually). Not only does 1Password keep up with my website passwords, but I also use it for other bits of important information that I need to access in multiple locations.
As long as I have my phone or my computer, I have access to any password I’ve ever created.
1Password has plugins for all major browsers on both Mac and PC, so all I have to do is visit a website and my password is just a couple clicks away. Even better, you can integrate it into your phone using their downloadable apps.
What on EARTH does security have to do with photography?
A lot. In fact, both professional and hobby photographers with any decent follow count, or photography club subscriptions are susceptible to email scams. Criminals want your contact list full of friends, family, followers, fans, and coworkers! In Part 1 of our A Photographer’s Workflow class series, I talk extensively about the security of our email, websites and photography assets.
It’s hard to believe, but a lot of people are still falling for basic email scams, including the top 10 scams that internet users have been seeing for decades. Why are these scams still so popular? Because criminals use the good name and reputation of friends and family to trick their way into wallets that don’t belong to them.
A really good example is the “I’m stuck in a foreign country” scam. This scam preys on your friends and family by tricking people into thinking you are stuck in another country on a photography job or vacation and need money fast. The scam is so prevalent and convincing, that AARP published a full member security alert explaining how the scam works, and how to avoid it.
So your friends, family, photography followers and co-workers are enjoying seeing all the pictures you take in different locations — and then suddenly get an email saying you are stuck in a foreign country and need them to wire you $500 ASAP. Knowing that you post photos of exotic places, some people may not think twice about trying to help you out — only to get scammed out of their money — in YOUR name.
In order for this scam to work, the criminal must have access to people you have friended, followed, are following you, or you have corresponded with (examples: email, facebook, twitter, etc). They harvest that contact information and then start contacting important people in your life, pretending to be you in distress.
Compromised passwords can be disastrous for your reputation and business
Even if none of your friends, family, and co-workers fall for the scam, it still reflects badly on you because you allowed their contact information to fall in the hands of criminals!
If the passwords that are compromised includes access to your employer’s data, such as clients you have in your contact list, it reflects not only on you but your employer as well. Some companies have extremely strict guidelines for passwords, and violating those guidelines can result in termination.
How do criminals get this information? 2 ways:
- Weak passwords.
- Using the same password in multiple locations, and one of those locations is “hacked”.
My own “Strong Password” mistake
I used a relatively hard-to-guess password that I was very proud of. This led me to a sense of security, that no one could guess this password, therefore I should be perfectly safe using it everywhere. In 2011, the Sony PSN system was hacked, and user passwords to the system were possibly released.
Well — that sucks. To stay safe, I logged into as many different websites as I could remember and changed all the passwords — to yet another single “strong” password that I was very impressed with. This took me nearly all day, logging in, changing passwords, logging out, testing the new password, etc, over and over and …
Within a few months, LinkedIn was hacked, again releasing a large dump of data. So I was faced with yet again having to change all my passwords.
1Password’s Password management system
I had read about 1Password, but until the Sony PSN and LinkedIn hacks, paying someone else to keep up with my passwords seemed kinda silly. But the extremely reasonable cost for the security of my personal and professional information, as well as my reputation among family, friends, co-workers, and clients was now obviously worth it.
1Password provides you with an interface with a single password, your master password. This password is never shared or transmitted, and it’s not stored anywhere that people can hack for it. You know it and only you. In order to open 1Password, your Master Password must be provided. If you’re using a device with a finger reader, such as iOS iPhone, you can unlock the password bank with your touch.
Now, when you are on a website and need to log in, you simply click the 1Password icon and type in your master password. 1Password will provide you a list of accounts you have with that website (if you have more than one), and a button to autofill the username and password. That’s it!
So now every website has a unique password, and you only have to keep up with one.
1Password works across multiple browsers and devices. So you can even install it on your work computer without worry should you choose to exit the company.
Why 1Password
I started using 1Password because they were first-to-market and highly recommended. There are several other companies with Password protection systems now. And many offer some of the same features as 1Password. But having been in the business for over a decade, 1Password provides the largest group of features and best overall compatibility will every device and platform I work on.
Plus, their website support replied to my questions really quickly when I was first getting started, and the new support website has very detailed step-by-step instructions for both new and seasoned 1Password users.
1Password currently has a 30-day free trial.
What’s your password strategy?
Have a solid strategy for password and security other than 1Password? Comment below!
