Saturday, May 26, 2012

Computer Security: Passwords

Now for the biggie: PASSWORDS.

Yes, I know. You HATE passwords. They’re hard to remember, and people always keep asking you to CHANGE them.

Well, there’s a reason you’re supposed to use complex passwords, and unique passwords on every site: passwords exist to keep people from stealing your information. If you use a stupid password, anyone can get your information. And if you use the same password on every site, even if it’s a strong password, then someone who hacks one of those sites can use that password on any other site you access.

There is one relatively simple solution: use a password safe. I use KeePass to store my passwords. The nice thing about KeePass is that you can copy it to a USB keychain drive and always have all your passwords with you. If you do that, you only need to create ONE strong password you have to remember.

Aside from the xkcd comic I linked to up there, there are other things you can do to make memorable passwords.

Let’s say your favorite movie is Gone with the Wind. You can use that movie as the basis for your password by combining things you can easily remember. If your favorite character is Scarlett and you vividly remember first watching it in 1982, you could make your password Scarlett 1982. Or even better, $carlett 1982, or $c@rl3tt_O’Hara_1982. (No, I’ve never read the book or watched the movie, so if I got the names wrong, too bad.) That’s a password that’s relatively easy for you to remember, but would be hard for someone to guess.

Even more random, pick two items that are sitting on your computer desk, and use THOSE items for your password. If you always have red pens sitting on your desk in a Brooklyn Dodgers coffee mug, your password could be red pen dodger, or D0dger R3d P3n, etc. Because you’ll see the item every time you sit down at your desk, it will remind you what your password is, but it’s unlikely someone could guess that.

Yes, there are sites for which a throw-away password is perfectly fine. That would be an easy-to-remember password that you use all the time. Registration sites frequently get my throw-away password.

But I strongly recommend using KeePass or some other password manager. It’ll keep you from forgetting all those complex passwords you created, but still make it hard for people to break into your account.

