How do you keep track of all those passwords?
We’re supposed to create strong passwords which consist of several characters, lower and upper case letters, numbers, etc. We’re also not supposed to use the same password for everything. How on earth can we remember them all?
A recent study conducted by Imperva concluded that the top 5 most commonly used passwords were:
1. 123456
2. 12345
3. 123456789
4. Password
5. iloveyou
The report said “The shortness and simplicity of passwords means many users select credentials that will make them susceptible to basic, brute force password attacks. Furthermore, studies show that about one half of the users use the same (or very similar) password to all websites that require logging in.” It then went on to say “To quantify the issue, the combination of poor passwords and automated attacks means that in just 110 attempts, a hacker will typically gain access to one new account on every second or a mere 17 minutes to break into 1000 accounts.” (Full report, PDF)
Okay, so the lesson is simple: create strong passwords to protect your private information. A strong password should consist of 8-14 characters or more (advice varies) and use a variety of characters such as upper and lower case letters, numbers, and symbols.
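As an added example (not part of the original article or the Imperva report), the Python code below checks a password against the advice above and the top-5 list quoted earlier, and generates a random password that passes the same checks. The names weaknesses, generate and MIN_LENGTH are chosen here for illustration, and the sample passwords are constructed.

```python
import secrets
import string

# The five most common passwords quoted in the article (Imperva study).
COMMON = {"123456", "12345", "123456789", "password", "iloveyou"}
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}
MIN_LENGTH = 8  # assumption: lower bound of the article's 8-14 character advice


def weaknesses(password):
    """Return the reasons a password fails the article's advice (empty = passes)."""
    problems = []
    if password.lower() in COMMON:
        problems.append("on the most-common list")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name} character")
    return problems


def generate(length=14):
    """Generate a random password that contains every character class."""
    if length < MIN_LENGTH:
        raise ValueError("length is below the minimum")
    alphabet = "".join(CLASSES.values())
    while True:
        # secrets draws from the OS CSPRNG; the random module is not suitable here.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Rejection sampling keeps the result uniform over all acceptable passwords.
        if not weaknesses(candidate):
            return candidate


if __name__ == "__main__":
    for sample in ["Password", "iloveyou", "Tr1cky!pass"]:  # constructed samples
        print(sample, "->", weaknesses(sample) or "passes")
    print("generated:", generate())
```

Passing these checks only means a password follows the article's composition advice; a generated password is meant to be stored in a password manager rather than memorized.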
Taking that into consideration, the password you currently use which consists of your children’s birthdates (in order of birth, I bet!) or pet’s name probably isn’t going to keep hackers out of your account. But if you follow the advice on how to create a strong password, how the heck are you supposed to remember them all? As if keeping track of doctor’s appointments, parent/teacher meetings, hockey schedules and dance recitals isn’t enough! Sure, you could write them on a piece of paper and slip it into your wallet or purse but if your purse is anything like mine, a small piece of paper will go in never to be seen again, lost in a sea of empty gum wrappers, business cards from your hairdresser and dentist, receipts from grocery shopping, Canadian Tire money… (please tell me I’m not alone in this!).
Another solution to help you remember all your passwords is to use a password manager. A password manager enables you to store all your passwords in one secure place so you only need to remember one to access them all. You have a few options when it comes to password managers – you can buy software or hardware which stores all your passwords, or you can use free password managers which, though they often don’t offer as many features as the paid-for versions, may be all you need. Here are two freebies worth checking out that are rated highly:
What methods do you use to remember all your passwords?
KeePass is fantastic. The only thing I don’t prefer is some of its manual limitations which may have changed as of this comment.
My safety of choice for security, ease of use etc. is Roboform Pro or Roboform2Go (USB version). Not only are you able to generate secure passwords on the fly, but @ 256 bit encryption, you can’t really ask for better.
The only thing that some may not like is that if you want unlimited use, you’ll have to upgrade for around $20-$30. There is a free version that can be great for light users.
Check her out here: No affiliate link crud, just direct.
http://www.roboform.com
Hope this helps for those who don’t know of it. 5 star tool for me.
~Jay
(Report comment)
5 star tool for me is Sticky Password
http://www.stickypassword.com
Because I hate toolbars and I want a USB version of it always with me. It is cheaper, faster than Roboform. You can try it.
(Report comment)
We use Secret Server for our team.
http://www.thycotic.com
It does the enterprise stuff for teams – web-based, AD integration and active password changing on the network. Plus it also has a native iPhone front-end application.
(Report comment)
Apologies…just wanted to add that I haven’t looked in a while, but holy cow, they even have multi-platform versions for most smartphones now. Such as Blackberrys and the like. :O Madness.
(Report comment)
Use words and numbers from childhood days which no longer exist or cannot be tied back to you. An old phone number which your mother made you memorize in case you got lost. Old words and numbers that are still well embedded in your memory. I also have three levels of passwords. The lowest one I use on many things because it impacts nothing if discovered. A midlevel for medium security and a complex high level code for things that deal with cash. There are a few of the high level ones and this is kept also on a password protected spreadsheet. The password is never written on the spreadsheet but there are notes that will help me remember them. The notes mean nothing to people who do not know me well since I was a child.
(Report comment)
Great advice Albert,
In fact, that’s pretty much the same system I use in a way. Two reasons I changed to Roboform Pro. Laziness.
Auto logins that are encrypted mean I have less typing to do and remembering of “important” sites I frequent.
Also, since you seem very intelligent especially privacy wise, note this unless you know. Then pass it along. NEVER use Wi-Fi in public for anything private. Even if from your own laptop. Google “aircrack” to learn what the kids use for fun. As an IT pro & programmer my whole life I’ll say that the search I just gave you is one of the weakest tools.
Roboform will not save anyone either. These tools get it all unfortunately. Hate to make average people paranoid, but I ran an unlogged experiment a year ago. The results were mortifying. It’s a wonder that ID theft is such a mainstream crime these days.
Here’s to awareness for those that read this; and for the record I saved NO data that I mined in that project, it was simply to see how “safe” people think they are.
Many need to be educated before their lives are ruined by criminals. It happened to me and I am an industry professional.
Anyway, thanks for your tips. People who even go that far as you describe will be somewhat safer with passwords and data.
Peace,
~Jay
(Report comment)
Hmmm
Some very good ideas discussed here. I agree that you can never trust a public network, even WEP protected networks can be cracked in mere minutes. I cannot say I have never used Aircrack, though never for malicious purpose. I used to use KeePass Portable for safe storage, but now I have acquired an IronKey, I find it does a better job.
Remember, no Excel file is ever safe, so that is a big NO for password storage.
Stay safe on the web, and don’t become the next victim of identity theft!
(Report comment)
I use Sticky Password
http://www.stickypassword.com
It is great for web pages and applications also. It does everything automatically, so there is no need to copy it or rewrite it like in Keepass.
(Report comment)
[...] say you can use their website to create very strong passwords, but a word of caution about that is in order. The website doesn’t actually generate [...]
(Report comment)
[...] with this post – I’m simply opening the subject for discussion. Do you think that complex passwords provide the best protection for your online accounts, or that shorter passwords can be equally as effective? Leave a comment [...]
(Report comment)