Not Another Password!

If you’re like a lot of us, you have more IDs and passwords than you know what to do with. We all have some type of system for managing these, whether it be jotting the information down on paper, or, perhaps, a spreadsheet. Another method employed by many is to use the same ID and password wherever they can; the idea being to make life easier by not having to remember multiple IDs and passwords. Unfortunately, both of these approaches are sure to, eventually, cause you grief.

Writing IDs and passwords down makes it easy for the information to fall into the wrong hands. Saving the information in a spreadsheet, or other data file, also puts your data at great risk. Memorizing a single ID and password, and then using them on multiple sites, may seem like a good solution, but, unfortunately, puts you at just as much risk as the previous solutions. Since this is the approach used by so many, let me dwell here for just a moment.

Let’s imagine that you use the same ID and password on all of your accounts. Now imagine that your login information has been stolen. Think -really think- about the significance of what has just happened. The person that stole your information, now has access to, not just one, but all of your accounts. Now let’s imagine that you, miraculously, discover that this information has been stolen, before anything is taken from your accounts. Because all of your IDs and passwords are the same, you are now forced to make changes to every one of your accounts in order protect yourself; all because of the compromise of a single set of credentials. Many of you may be telling yourselves that this isn’t as risky as I make it out to be, after all, how will the thief know where to use this information. Unfortunately, discovering where you have accounts is much easier than you might imagine. Give me access to your PC, and a set of credentials gained through social engineering, or other means, and there is a, very high, probability that I can figure out where to use them.

Now that I have you scared silly, what is the solution to this problem? Use a password manager. There are many tools out there such as Handy Password, Secure Store, Norton Password Manager, or my favorite, Password Agent. What’s great about these types of tools are that they can safely store your information in highly encrypted files, making it virtually impossible for your data to be stolen. Many of these systems can run from a thumb-drive, thus making it easy to take your passwords with you wherever you go. One of the best features is the password generator, which can generate random passwords, and, if desired, can generate strong passwords (if your site allows it, use strong passwords). Another nice feature is the ability to auto-fill the login ID and password so you don’t have to type or cut ‘n’ paste the information onto your web-form.

I use my password manager to store information such as web-site IDs and passwords, PIN numbers for credit cards and voice mail, serial numbers for web purchased software, credit card numbers and bank contact details (in case my wallet is ever stolen), and much more.

Be careful with your data, and don’t put yourself at any more risk than is necessary. Store your credentials in a system designed for this purpose, always use different IDs and passwords, make your IDs and passwords as long as possible, and remember to change your passwords frequently.

~GT~