The great (and obvious) thing about a password is that it protects your stuff. The not-so-great thing is having to remember the millions of passwords you need to get into every online account you’ve ever created.
The natural go-to for many people is to use the same password for everything. Another apparently foolproof solution is to keep a document that itemises every single password you use for every account. Both - and more - are terrible ideas when it comes to password security. Here’s why.
Storing Passwords on Your Desktop
Some people create Microsoft Word or Notepad documents that list their various accounts and corresponding passwords. Often, they’ll store that document on their desktop “so it’s handy to get to when they need to”, even going as far as labeling that document ‘Passwords’ so it’s easy to find amid the rest of their digital clutter.
While this strategy might sound organised, it’s definitely not safe. If your computer were to get hacked, you’d basically be handing the hacker access to every one of your accounts on a silver platter.
The safest way to store your passwords electronically is in an encrypted password management system like LastPass, 1Password, SplashID or Dashlane. These password storage systems remember all of your passwords for every online account for you, so you only have to remember one password: the one you use to log into your password manager.
If you use a Mac, you can also save your passwords to Keychain so they’ll follow you wherever you go. If you want to access them, simply log into Keychain Access, which is built into Mac devices. If you use Google Chrome as your default web browser, you can save your passwords in your Google account, which only you can access via your Google password.
Storing Passwords in a Little Black Book
Another common - yet wrong - way to store your passwords is the old-school version of Word docs: physical notebooks. If you store all of your personal details in a diary or notebook and then lose it, or it gets stolen, you instantly lose access to and control over your accounts.
The safest way to get around this is to go digital and use an encrypted password security management system as above.
Using the Same Password for Everything
This strategy might be good for those of us with bad memories, but it’s not very safe. If someone were to crack that one password, they’d have access to every other account you use the same password for.
Mix up your passwords and change them every 3-6 months to boost your security.
Another great piece of advice is to increase the complexity of your passwords. The latest research from the National Security Agency (NSA) says that passwords that are at least 20 characters long are significantly safer than shorter ones, simply because they take much longer for a hacker to figure out. “But how am I going to remember 20 characters?” we hear you ask. The NSA suggests you use a series of words instead of just one long one. It could be as easy as choosing four random things in your office and stringing them together, like ‘sunscreenscissorspenwallet’. This strategy is much easier to remember and much harder to hack.
(Not) As Easy As 1-2-3
Consecutive numbers might be easy to remember, but they’re also easy to hack. The same goes for passwords that use your first or last name, birth dates and numbers that are all the same (take note, Kanye).
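The 20-character word-series advice and the warnings in this section, as an added Python example that is not part of the original article: it builds a passphrase from words drawn with the operating system's random generator and reports which of the article's warnings a candidate password triggers. The word list, function names and sample inputs are constructed for illustration.

```python
import math
import secrets

MIN_LENGTH = 20  # minimum length the article cites

# Constructed sample list so the block runs offline; a real list should
# hold several thousand words.
SAMPLE_WORDS = ["monitor", "speaker", "sunscreen", "scissors", "wallet",
                "stapler", "calendar", "notebook", "keyboard", "lantern",
                "pencil", "magnet", "teapot", "ladder", "compass", "blanket"]


def make_passphrase(words=SAMPLE_WORDS, count=4):
    """Join `count` randomly drawn words, adding more until long enough."""
    chosen = [secrets.choice(words) for _ in range(count)]
    while len("".join(chosen)) < MIN_LENGTH:
        chosen.append(secrets.choice(words))
    return "".join(chosen)


def passphrase_bits(list_size, count):
    """Entropy in bits when each word is drawn uniformly from the list."""
    return count * math.log2(list_size)


def is_sequence(digits):
    """True for ascending or descending runs such as 123456 or 654321."""
    steps = {int(b) - int(a) for a, b in zip(digits, digits[1:])}
    return len(digits) > 2 and steps in ({1}, {-1})


def weak_reasons(password, names=(), birth_dates=()):
    """Return which of the article's warnings apply to `password`."""
    reasons = []
    lowered = password.lower()
    all_digits = password.isascii() and password.isdigit()
    if len(password) < MIN_LENGTH:
        reasons.append("shorter than 20 characters")
    if all_digits and is_sequence(password):
        reasons.append("consecutive numbers")
    if all_digits and len(set(password)) == 1:
        reasons.append("numbers that are all the same")
    if any(n and n.lower() in lowered for n in names):
        reasons.append("contains first or last name")
    if any(d and d in password for d in birth_dates):
        reasons.append("contains birth date")
    return reasons
```

With the 16-word sample list, four words give only 16 bits of entropy, which is why the size of the word list matters as much as the length of the result.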
How to Remember Your Password
If you’re not so good at remembering your passwords, here are a few tips:
Use random objects on your desk and combine them to create a long password, e.g. ‘monitorspeakerbusinesscards’.
If you have to create a password with capital letters, numbers and symbols, write the numbers and symbols somewhere, then remember the rest of your password in your head.
Recite your password over and over until you remember it.