All those online passwords—the longer and more complex, the better they’re supposed to be. And just when we have a tiny chance of recalling a few of them, we’re supposed to change them all again.
With reports of hacking and online security breaches becoming uncomfortably common, how can you keep your passwords safe and private?
Create combinations no one else could guess
Don’t choose passwords that are obviously easy to guess, such as ones that include your birthday, anniversary, middle name, or phone number. Don’t use a sequence of consecutive numbers or letters, such as 2345678 or lmnop. And don’t use a phrase, such as ILoveDerby. Don’t repeat passwords at many sites, using the same ones over and over.
Longer passwords (at least 12 characters) are generally safer and more difficult for password-guessing programs to break. The best ones are a random mix of letters, numbers, upper case, lower case, punctuation marks, and symbols (the more symbols, the better).
When you’re setting up a password, use caution in selecting answers to security questions. Don’t pick something a hacker might find in an Internet search about you, such as your hometown, your pet’s name, or your favorite sports team.
What happens if you forget your passwords? Most Web sites will e-mail you a link you can use to reset it—so make sure the e-mail address you’ve provided stays up to date. Some sites offer the option of texting the password reset link to your cell phone instead of via e-mail. That can provide an extra level of security if your e-mail account has been compromised.
For added security and simplicity, you may want to try a password manager application. Some services charge a fee. Once you log in to the application, the software remembers all your other passwords and log-in information. Some applications also randomly generate fabulously strong passwords for you that would be difficult for hackers to crack.
When choosing a password manager, consider your online habits—whether you typically use just one computer, or also want to be able to access your accounts from a smartphone or tablet. Some password manager apps work across all your devices; others only work on the particular device on which they are installed.
Keeping your passwords private
Don’t store your passwords on your computer—that can be dangerous if it’s a computer other people also use, or if the computer is stolen. Don’t keep the list of passwords in your cell phone, which could be lost or stolen.
Instead, try a low-tech option: write them down on a sheet of paper and keep it hidden. But don’t put the list in your wallet or purse. Instead, leave the list at home in a secret place.