Q: With every site and service turning toward user customization it seems I have dozens of different passwords to remember. Uppercase. Lowercase. Numbers. I can't keep track of them all. What can I do?
A: Last week, Keith Ferrell wrote on InformationWeek.com that the change of the seasons was a good time to also change your passwords and review basic Internet security principles. Some sites or services that you may use will prompt you to change your password on occasion, but most let your passwords sit stagnant after they've been created.
To be honest, I've used the same handful of passwords on every site I frequent for nearly a decade now. Luckily, they've never been compromised. The first rule of Internet security, of course, is to use different passwords on different sites so that if one of your accounts is hacked, the others will remain secure. But I have a terrible memory when it comes to these things.
The two times I've had to change my password with some regularity -- a university log-in and the log-in for a content management system I required access to for work -- I would tweak the numbers each time and then write the password down on Post-It Notes, leaving them for all to see.
So we had a similar problem. And I don't think we're in the minority. Luckily, there are some options out there.
If you're willing to spend $39.95 (there's a free trial period), 1Password is probably the way to go. (The Mac version is the default, but 1Password is currently testing a Windows version and also offers services for iPhones, iPods and the iPad.) Download the tool and a simple browser addition makes password safety yesterday's problem. A Strong Password Generator will create, you guessed it, very strong passwords and remember them for you. Check out the 3-Minute Expert Guide to get a sense of some of the other features that 1Password offers.
For those not willing to part with forty bucks, there's a cheaper option. PasswordCard will generate a string of unique, strong passwords for you and allow you to print them out on a credit-card-sized piece of paper. Tuck the card into your wallet like any other business card and reference it when you need to.
This option, of course, is less safe then 1Password as it requires you to keep a list of your passwords on your person. But, "a chain is only as strong as its weakest link," as the site points out. "It's far safer to pick secure passwords and write them down, than it is to remember simple and easy to guess passwords."
Tools mentioned in this entry:
More questions? View the complete Toolkit archive.