How do you manage your passwords? Improve your password hygiene...

The biggest argument I hear from friends and clients when we talk about creating secure passwords is that they can’t remember them. So they stick to one or two stand-by words for all of their logins. That argument makes me cringe.

By now you know about computer viruses and malware, and that they are relentlessly trying to get into our computers, devices and websites. Nobody is spared. In a previous post I explained about roving programs (often called bots) that are constantly (24/7/365) trying to get past the security setup of any online installation (or server), be it small or large: banks, blogs, email services, intranets, membership sites, absolutely anything that requires a login.

So how is your “password hygiene”? Yes, it’s a new term that puts a measure to your password or security awareness. My password hygiene must be squeaking, as it has evolved to such a degree that as the keeper of over 500 passwords, I stopped counting. I manage many client websites and their inherent infrastructure, which involves from 1 to 5 passwords for each site, or more.

Are you still the weak link?
Now, 3 years after I wrote this article, this subject is still current. And yet many still don’t ‘get it’. Security awareness has only marginally improved, pushed forward by Google, which requires websites to be encrypted, webmasters who enforce more secure passwords, and other services that require you to change your password on a regular basis. If you would like to know more about this subject, here is a compelling article that will tell you in great detail why you should get with it and take your online security (and that of others) more seriously.

Two excellent articles tell you more about passwords: their history, usage, how long, how short, dos and don’ts. Read “The Evolution of the Password — And Why It’s Still Far From Safe” by Rebecca Hiscott, and “Is Your Password Really Protecting You?” by Denise Lu. Interesting facts and infographics about the subject should give you enough information—fingers crossed—to make you want to improve your password management.

If you haven’t already done so, you really should update your thinking about that simple password you’ve used for all these years. Nobody remembers all their passwords, but everybody can remember one: the one password that opens the safe or file that lists all their passwords.

My recommendations

I have used Password Safe for keeping absolutely everything, passwords, credit card information, anything I don’t want ‘out there’ but want easy access to. You can create many files for different content. Remember one password for all files. Very easy to use, but it only works on Windows and Unix. The files are doubly secure if they are kept on an encrypted USB drive.

I am now using a terrific online service that is based in Switzerland. It’s free for the first 50 passwords, which is sufficient for most people. Since I keep so many passwords and access codes for others, I use the paid service, which is still very reasonable. Their security is pretty impressive. Besides being easy to use, their servers being in Switzerland in a former military bunker, and their service being recommended by Swiss banks for their clients, SecureSafe has some unique features that don’t exist anywhere else: password inheritance (even for the free service). You can assign a password or sets of them to those who will get them should something happen to you. Also included is a generous amount of storage to keep your confidential files or documents secure. Of course all of that is accessible from anywhere, with any device, at any time.

PC Magazine has listed The Best Password Managers. I like their recommendations; there should be something for anyone’s needs.

Do yourself a favour: don’t keep your password list in an unprotected text file on your computer named “My Passwords”.