How Are You Creating, Remembering or Storing Your Passwords?
The trouble with passwords is that we're told that they should be at least eight characters long with numbers, symbols and capital letters. Not only that, but we are supposed to have a different password for every site we use. The conundrum is how we're going to remember all of those passwords.
I'm going to give some insight on how you can create strong passwords and keep them safe without having to remember all of them.
Use a Password Manager
The first choice you need to make is what service you're going to use to save all of your passwords. There are multiple choices from free to paid. Here are a few of the popular services:
- LastPass (free & paid) - LastPass is an online password vault, which allows you to have one master password to keep all of your individual passwords. It will also auto-fill online forms. There are browser extensions and a mobile application so you can use it on any device.
- KeePass (free) - While similar in purpose to LastPass, KeePass is primarily an offline application. It's open-source, so there are a variety of unofficial versions for mobile devices. KeePass allows syncing your passwords between your machines with the use of your Dropbox account.
- 1Password (free & paid) - This app has a very nice polished look. It supports multiple platforms/devices and also allows syncing your passwords between devices with a Dropbox account.
Create Unique, Strong Passwords
Now that you have picked a password manager to hold all those passwords for your accounts, you need to create some "random" passwords. There are a number of methods to generate them, such as passwordsgenerator.net. But there is a catch with these strings of random letters, numbers, and characters: it's actually harder to crack a password that has 4 random words put together! This comic from XKCD explains why in a silly manner.
Regardless of your method of creating your passwords, make sure you never use any mix of personal information such as birthdays, dates, names, social security numbers, etc.
Enable Two-factor Authentication
Another method for keeping your accounts safe is turning on "two-factor authentication" for those applications. Google, Dropbox, WordPress, PayPal, LinkedIn, Facebook, and Twitter are just a few companies that offer two-factor authentication. With this method, a hacker would need to know not only your username and password but would also need a 6-digit PIN that is only valid for ~30 seconds before a new PIN is generated. Two-factor authentication means you need "something you know" (like a password) and "something you have", which can be an object like a phone. This makes it impossible for someone, or something, to brute-force your account. Here's an article from Lifehacker that explains more about how to set up two-factor authentication.
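To show where that 6-digit PIN comes from, here is an added example (not part of the original article) of the time-based one-time password scheme from RFC 6238. It assumes the authenticator app and the service use that standard with a shared secret; the key below is the RFC's published test key, and the verify function with its one-window clock drift allowance is a hypothetical server-side check.

```python
import hashlib
import hmac
import struct
import time

STEP_SECONDS = 30  # each code's lifetime, the "~30 seconds" in the text
DIGITS = 6         # length of the PIN


def totp(secret: bytes, at: float, step: int = STEP_SECONDS,
         digits: int = DIGITS) -> str:
    """Return the RFC 6238 code (HMAC-SHA1) for Unix time `at`."""
    counter = int(at) // step  # same value for the whole 30 s window
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret: bytes, submitted: str, at: float,
           drift_steps: int = 1) -> bool:
    """Hypothetical server check: current window +/- `drift_steps` windows."""
    ok = False
    for delta in range(-drift_steps, drift_steps + 1):
        t = at + delta * STEP_SECONDS
        if t < 0:
            continue
        expected = totp(secret, t)
        # Constant-time comparison; no early exit on a match.
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok


if __name__ == "__main__":
    secret = b"12345678901234567890"  # RFC 6238 test key, not a real secret
    now = time.time()
    code = totp(secret, now)
    print("code now:       ", code)
    print("code in 30 s:   ", totp(secret, now + STEP_SECONDS))
    print("accepted now:   ", verify(secret, code, now))
    print("accepted +2 min:", verify(secret, code, now + 120))
```

A real service would also limit the number of guesses per account and refuse a code that has already been used once.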