Almost every site you visit requires a password and the strongest passwords are impossible to remember. How many times do you stare at that blank “Enter Password” box and rack your brain to fill it? The advice is dizzying: Don’t use real words, use real words, use upper and lower case, don’t use fewer than 8 characters, use numerals and symbols — aiee-yiii-yiii, it’s enough to make you crazy!
Common knowlege says that nothing is hack-proof. If someone really wants to get your info, they will. But a good password is like a barking dog — it will deter the casual hacker and decrease your odds of a break-in.
Here are a few tips to help you secure your online information and keep you out of the loony bin:
Once is enough
Never repeat a password for sensitive sites. Sensitive sites include banking, investments, credit cards, etc. If one is compromised, the others are at risk.
Longer is better
Shoot for 15-20 characters if the site allows. In all the articles I’ve read, one of the constant pieces of advice is “go long.”
Use a book
Open a book at random and choose a sentence. Use the first letter of each word as your password string. Or close your eyes and drop your hand on the page as if you were playing a piano. String together the five words your fingers touch.
Sing a song
Use the first letters of the lyrics to your favorite song.
Add numbers & symbols
Put dashes between groups of characters. Add numerals – for example, use the last four digits of your childhood phone number. Scatter random symbols throughout your password.
Store & Manage
Click “Forgot your password?” at every login. Create a new password using the hints above each time you log on to your sites.
A low tech method is to create an Excel spreadsheet with columns for site name, username, password, or answers to the security questions. Each time you create a new password, add it to the spreadsheet and sort by site name. Save it to a thumb drive or “hide” it on your computer with a hard to guess alias, NOT “my passwords.” This is not a particularly secure method.
Your browser will remember passwords. The risk is that anyone with access to your computer can find them. Firefox is the only browser that encrypts and password-protects your logins with a master password.
Head in the Cloud
There are many online password managers to choose from. Many of these have built-in password generators. All you need is one master password. Some managers have bare-bones free versions and feature-rich paid versions. It depends on your comfort level with online storage and what you need. LastPass and 1Password for Mac receive consistently high ratings.
Whatever you do, don’t use a simple, easy to remember password. It may seem clever to you, but I guarantee it is not secure. If you use it for all your sites, you are open to tremendous risk. Set it a goal right now to change the password to each site you access over the next days and weeks.