How To Avoid Password Overload While Improving Security
Passwords are a pain – a necessary evil in the Internet world, for sure, but evil nonetheless.
If you’re like me, you have dozens of passwords for a multitude of programs, web sites, and settings. Managing those passwords and user ID’s is a real pain, but there are ways to make it easier and improve your online security as well.
One thing you absolutely should not do is to use one password for everything from YouTube to your bank. If someone gets hold if it from one insecure site everything is vulnerable. Another rule is to not be obvious – “password” is not a password, people! Your name, social security number, and birthday are off limits as well because this information can be easily obtained if someone wants to hack your account.
Having unique passwords for each site is extremely secure, but also a little overkill in my opinion. I suggest an in-between measure: having a small set of passwords ranging from the simple to the complex to use with all your sites depending on the content of the site.
A simple password shouldn’t be too easy, but can be as simple as an easy-to-remember word with some numbers attached, like “4strawberries”. Simple passwords can be used on sites where you don’t share personal information and just have a personalized account, such as Hulu or Pandora.
More complex passwords should be used for more secure areas such as Facebook, where personal information is attached to your account. Increasing complexity increases security by introducing more random elements, which makes guessing your password more difficult. You can introduce complexity by using numbers, capitalization, and in some cases symbols. Using information like your license plate number (JKE2843) or a friend’s birthday and initials (33171TJ) will greatly increase your security. Another method is to substitute numbers for letters (4 for A, 3 for E, 1 for I and so on) in a word. The kiddos call this “leet” or “l33t” by the way (try this leet translator!). “Steelers” could become “$t331erz” for example. The more random-appearing the better.
For really secure information – bank accounts, credit cards – create a password from either combining elements from the above methods into one long string (JKE284333171TJ). You can also take a phrase that’s easy to remember, use the first letters from it, and apply leet to it to come up with a good random password: “O, say can you see, by the dawn’s early light” becomes “OscYsbtd3L”.
Still, how do you keep track of all these? One method is to use the autofill feature of your web browser, which will often remember less-secure passwords for you when you input the correct user ID in some sites. If you’re more security-minded, turn off autofill and use a program such as RoboForm or KeePass to keep track of your passwords. These programs require you to only remember one master password and then keeps track of everything else. It can even create random passwords for you. However, if you access your accounts from more than one location, you’re out of luck as these programs are local to your computer.
I use a very low-tech tool to keep track of my passwords: good ol’ paper and pencil. That way if the computer goes down or stolen, your passwords are safe with you and portable.