The ideal password should be unique for every service you use, and should probably look something like this: Kl@o9!cb>Xm2G-9.
Repeatedly generating and then maintaining that kind of complexity is not exactly practical. Yet with each passing major password theft, it seems that creating insane passwords and storing them on an encrypted flash drive are the only way to keep one's data and identify safe.
Fortunately, there are better choices. LastPass is a solid password manager that is the most pain-free and secure method for stepping up your security on Android. While 1Password and other competitors have good solutions, LastPass connects more deeply to Android-specific features, like syncing passwords across the desktop, browser, and mobile apps.
Getting started with LastPass
If you have yet to create a LastPass account, do it on the web before downloading the app. While the application is very good at the setup process, it is still faster to type and navigate through this introductory phase from the desktop.
LastPass will require some ominous-sounding permissions, but agree to them, as this empowers the app to sign in to your accounts on Chrome and Android apps.
LastPass will ask you to create one master password (this may be the one you actually want to write down and keep somewhere safe). Then it will run in the background of your browser and ask for permission to save passwords when signing in to online accounts.
LastPass solves what is a typical headache when downloading an app: remembering the password connected to the service. When launching a new app, a LastPass dialog box will launch that offers to log you in. Just sign in with your master password and LastPass will then connect you to the app. No need to remember your 12-digit ESPN account created nine months ago if it has been saved in LastPass.
Works well across desktop and Android
LastPass also connects passwords and any log-in data you have stored (such as email and physical addresses) in Chrome on Android 4.3 and above. Galaxy S5 owners can use the biometric fingerprint sensor to verify with LastPass.
The ultimate test was logging in to a site I use daily, changing the password, and determining if LastPass would remember the new password when signing in on Android.
I did this in Chrome on the desktop, then then launched the mobile application for this same service. The LastPass password box launched, prompting me to enter my master password. After doing this I was granted entry to the app without needing to reenter the new password LastPass created.
If asked I couldn't tell you that new password, which is much of the premise of LastPass. Instead of memorizing them, the passwords are saved in LastPass's Vault. The passwords can then be viewed, edited, or deleted from the app.
For extra security you can use the LastPass app to jump to password-protected sites. Even though you can do the same thing in Chrome it is faster through the LastPass app and puts the other account services one touch away.
Another interesting feature is Secure Notes. This is a space to keep bank information or other snippets of text that you may not trust to another service or pen and paper. The only issue here is accessing them requires navigating through LastPass, while it is faster to get to notes from a service like Google Keep or Evernote.
The LastPass app also extends many of the website's features, such as the ability to generate a one-time password, edit form fills, and view the Vault.
Occasionally when exiting out of an app the LastPass login box would still hang around on the screen. Usually this happened if I chose not to log in to the app. So avoid doing that in order to skip this occasional minor nuisance.
LastPass Premium is $12 per year, which really feels like a bargain after seeing how well the service works. The Android app will let you try things out for 14 days before requiring a subscription.