It seems like everything you do on any of your digital devices requires a password and the requirements for these security codes are getting more and more extensive. Some sites don’t allow words that can be found in dictionaries, while others don’t want any logical sequences or personal elements like a house number, street name, zip code, birth date, birth year, child’s name or pet’s name. Many accounts require your password to have both uppercase and lowercase letters, as well as numbers, special characters and a specific minimum and maximum length. The list goes on and on.
So while you might still use poodle1234 to log into your old email account, that password may not get approved for more current accounts. You probably don’t want to use the same password across multiple accounts, anyway.
The strongest passwords are typically long and random, as this makes them harder for hackers to guess. Because of this, passwords often end up looking like gibberish, like: (&cR=x?fae~c[R5GAs3AN4?.
Remembering Complex Passwords
It isn’t easy to remember all of these long, random, complex passwords and some websites disable password saving on their login screens, but there are password managers that can help. They’re available from a variety of sources, including anti-virus software providers and standalone password services. If you’re looking to try out a password manager tool, but aren’t sure where to start, we’ve highlighted four common ones below to help you get started researching your options.
It’s important to make sure you feel safe with any of these options, as you don’t want your passwords to fall into the wrong hands. A weak password could help make you a victim of identity theft, which can wreak havoc on your finances. While you’re beefing up your passwords, another good practice is to regularly monitor your credit for signs of identity theft, like a sudden drop in your scores. You can check two of your credit scores for free here. (Note: The password managers below all use encryption to protect your data.)
There are a number of services that will help you manage your passwords, though you'll have to pay a fee for some features. These services all differ slightly but work on the same basic principle: Each is an online storage locker of your passwords, all hidden behind a single password that only you know (meaning you can't recover your master password from anywhere but your brain). Password managers also offer other perks, such as a place to store secure notes, credit card numbers or information for filling in Web sites. You just have to install the programs into your Web browsers to record your login information as you surf.
So which password manager should you choose? According to Consumer Reports, “as long as it’s a name brand”—like 1Password, Dashlane, KeePass or LastPass, are the four most popular options. Some password managers charge a monthly fee, while others are free. Which manager you use largely comes down to your personal preferences.
Easy (aka, lazy) methods
Write them down?
Alright. This might sound crazy right off the bat. But one really easy way to keep track of your passwords is to write them down -- on paper. Yes, conventional wisdom has said for years that that's a bad idea, and you're in huge trouble if you lose your list. But with so many accounts to juggle nowadays, chances are that you'll be tempted to reuse your passwords if you can't remember all of them. So, writing them down isn't so nutty.
Ideally, you should memorize your most important passwords. But even security expert Bruce Schneier has recommended writing down passwords and treating that list like you would any other valuable document, which is to say with a high degree of security -- no sticky notes on your monitor that say "conglomeratebank.com: jdoe/password123."
As illustrated above, there are definitely bad ways to do this. Getting into an account normally means having to know three things: the location of the account, a username and a password. If you can manage it, don't put all three of these pieces of information in the same place. Similarly, don't do silly things like keeping your bank account password next to a credit or debit card that has your bank's name on it.
What if you want to write everything on a spreadsheet stored on your computer? The same rules and risks apply. And if you want to put that file in the cloud, the stakes are even higher. A cloud spreadsheet is not the place for your most sensitive accounts. If you must do this, confine your cloud spreadsheet to the accounts you would be reasonably okay with getting hacked. And at a minimum, name the file something other than "Passwords."
It's up to you to evaluate the risks, the pros and the cons of your choices.
« Return to "Articles of Interest"