When it was just one or two passwords it wasn’t a big deal, but these days we all have dozens of passwords, pin numbers and ‘secret words’ to remember. Given that different sites demand different combinations remembering them all can be a headache.
At one point it was good practice to have three levels of password:
- One basic password for community sites – like social media, often a memorable word.
- One that was harder to break for sites where you entered personal information – usually with a combination of numbers and letters.
- One for sites where your bank or card details were involved – requiring a random combination of numbers, letters and symbols.
All you had to remember were 3 passwords. However, then some websites had case sensitive passwords, some wouldn’t accept certain symbols and there were more and more of them. There is no way you could possibly remember them all.
People developed ways of storing their passwords ranging from a ‘little black book’ to a file in their mobile phone. The trouble is none of these was really secure – lose your phone and it meant changing all your passwords – ideally before whoever now had it didn’t find the file and mine your bank accounts.
Then password managers came along and a good password manager means that all you need is one application and all your passwords are secure.
Of course, there are people who are cynical about this and say that a password manager just needs to be cracked and the cracker has access to EVERYTHING! Actually most good password managers not only generate random strong passwords, that are encrypted, but have multiple access layers making getting in much tougher.
There are many different password managers – LastPass, Keeper, 1Password, KeepPass and Dashlane are all good value.
Put a log in feature into all your mobile devices (phone, notebook and tablets) so nobody can just pick them up and use them. If you have an iPhone 5S (or newer model) you should have fingerprint ID to access your phone.
Set up a feature for your accounts so when someone tries to log in from a new location (a different computer or phone) they have to enter a code to register the device as a trusted device. This means that you’ll get a text message with a code to enter before you can go further. This does depend on your bank, email provider or other online accounts offering this security feature – if they don’t maybe consider using a service that does.
When you change your password on any site don’t use one you’ve used somewhere else. That simply means that once one account has been accessed, others can be got into with no effort on the part of the cracker.