The Password Nightmare
First, let’s start with the worst password advice we’ve ever heard – “Don’t write your passwords down”. It’s that kind of advice that led many of us to using the same password for just about everything. And if you have actually taken the time to create separate passwords that may also include random numbers and symbols for all your accounts, you know the nightmare of safely storing them and accessing them. Fess up – we know some of you have post it notes with passwords stuck to your computer screen. So is there a simpler, easier password solution? Yes. While clearly none of our data and passwords are ever completely protected, here is some advice from experts and a few simple steps you can take to make your passwords and data a bit more secure and easier to manage.
- Use Passphrases, Not Passwords
There was great article in the Wall Street Journal recently about the guy who actually invented passwords saying he got it wrong. His original recommendations which became standard, were that we use characters, capital letters and numbers and change our passwords regularly. We all know how well that advice has worked. He now says, as do many other security people, to use passphrases.
What’s a passphrase?
It’s a long group of words that use spaces too, that’s easy to remember. And can be easily changed too. An example of a passphrase is “blue skies, no clouds!” So, think of a phrase or words that are easy for you to remember. It’s also more secure than typical passwords because it makes it much more difficult for hackers.
Changing Your Passwords often is NOT necessary (unless there has been a databreach) – most experts, including the guy who invented the password guidelines, now say it is not necessary and does not make your data more secure.
- How to store your passwords
Unless you’re a savant, most of us need to store those passwords somewhere. Again, nothing is 100% secure, but here are some good solutions:
- Create a Google document at google.com. (The password to this secure account is the one to remember.) In the file, list all your log-in details, including screen names. As long as you have internet access you can access your passwords.
- Use your browser. All browsers, Chrome, Safari, Firefox, have password management systems. In the Chrome browser, for example, it’s on the Settings pane behind Show advanced settings and Manage passwords; in Firefox, look under the Security tab on the Options page; Opera, Safari, and Microsoft Edge all have similar built-in tools into their respective settings.
- Use a password keeper App. There are several out there, most charge a modest fee. Here’s a great roundup article from PC Magazine that rates password managers, and also explains why you should have one.
- When you’re not using your computer, TURN IT OFF.
- On your mobile device, turnoff Bluetooth when you’re not using it.
Has Your Password Been Stolen?
Here’s an excellent video from the WSJ’s Nathan Olivarez-Giles explains how to see if your personal info has been taken in a hack, and what you can do to be safer