What not to do with passwords

Don't:

Write them on a post-it stuck to your monitor

Use the word "password."

Keep a printed list in your planner.

Use passwords when using a free wi-fi site.

Keep them in a word processing file called "my passwords."

Use the same password and username on every site.

Need more tips?

CW

Syndicate content

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

How about a zipped text file with password?

You could keep them in a simple text file that is encrypted(zipped )with a good password.

I might do just that, some of the security measures I use are overkill.

Nothing wrong with using the same password if you don't care much about the sites (facebook, myspace, other useless sites, not this one of course).

Create a system

Many years ago, I read that you could use the same password, in essence, if it's part of a system. This is really helpful if you have many passwords. I use one system for bank accounts and card pins and another for everything else.

For instance, if you like blue shoes, you could use that as part of each password plus the name (shortened or the acronym) of the web site or company. You could also use a descriptive word instead of a name. Here are some examples:

eBay = "eBayblueshoes" or perhaps "buyblueshoes"
DIYPlanner = "DIYblueshoes" or "planblueshoes"

With this system, I rarely forget passwords and only have the bare minimum stored securely in my BlackBerry's Password Keeper. Even then, I don't put the password but a clue, such as "favourite clothing."

Tips: (1) Create a system that includes numbers and letters because many sites and companies specify that you use both. (2) Create a short and longer version of your system to accommodate for password length/character requirements and restrictions. (3) Use alternate spelling (e.g. "buy12blushuz" or "buyblu3sh0es" with 3 and zero instead of E and O) to increase the complexity of the password.

One password

I agree that the easiest thing to do is to create one password which can be used for most sites. In response to the point that many sites have special requirements, i believe its best to create a password that already includes some special characters, some numerics and a couple of words.e.g. #@debbie1000 and use this for all websites so that it will inevitably meet the myriad requirements. Some applications such as Lotus Notes etc require periodic change of password. I find it easiest to simply change the last digit or number... so during the first change it will be #@debbie1001 and then #@debbie1002 and so on. Its easy to remember (since the previous password would have been used for a fairly long time, that the next number in sequence can be remembered easily after a change of password) and hassle-free. Most applications/websites which insist on a periodic change of password, do so at a 3 monthly interval so its best to change those passwords together, so that you have one password for all websites and one or may be two more (which are in sequence) for the other websites which insist on a password change.

Debbie

coded passwords

This has worked for me. I keep a coded list where I need it, taped to my laptop and in my planner. No one would be able to decipher it. It goes like this.

First write down some dates that are very meaningful to you alone. It should not be your birth date or your childrens birth date, etc.

Then, write down odd names that you may have encountered during the years. Again, they should not be associated with your family.

Here are some examples:

Code Actual password
etoH (escapetoHawaii)
p21a (ped21ovia)
f21d (free21dom)
19a2 (19andrew2020)

I keep the coded list on my laptop. I also abbrv. the name of the site that the coded password belongs to. The code tells me what the password is. And of course I keep a uncoded list around the house in a unlikely place.

This works for me.

ETOH

LOL ! ETOH is a scientific abbreviation for 'alcohol'. :-)

Tool

Between my homelife, my freelance work, and my job I have a bajillion (mathematicians will recognize this highly-technical math term) of passwords. I keep track of them using Keepass on a thumbdrive. It's opensource and it's free. Also put all the kids' passwords for their multitude of accounts. Works really well.

WinZip does encryption

I think a ton of folks overlook WinZip's encryption feature. WZ is ubiquitous and the feature is built right in.

One of my computer security friends gave me a suggestion once...

several years ago, and it seems to work pretty well for me, and you could easily make a note in a planner to remind you without giving away the password. (At least, it's passed most of those security check things that some password sites use - someone please point out if there's a flaw.)

Pick a line you remember well from a favorite song (or poem or quote, I imagine, would also work.)
Take the first letter from each word (or second, or last, whatever floats your boat)
Change some of the letters to numbers/special characters - I becomes 1 or !, as an example (just stay consistent within your own scheme so you're not using 1 in some and ! in others.)
With the remaining letters, capitalize some based on a fixed pattern. (Every other one, every two, whatever. Like I said, stay consistent within your scheme.)

You now have your password. (If it's too long, I tend to keep it as the full thing in my head anyway - easier to think of that way.)

You can now put a note in your planner or desktop file or whatever that's just the name of the song/poem/quote, which should be enough to jog your memory, without giving away the actual password at all.

An example password I no longer use: H1wYwH42 - My clue would have been Pink Floyd. ("How I wish you were here" - I added 42 on the end in that particular case because the 'you' was a specific person and 42 reminded me of him - yes, geek reference - so it was easy to remember even though it wasn't part of my 'system' of password generating.)

frequent password changes

I have one account that requires quarterly password changes. I have a password "core" a string of letters I can remember (not my initials) that I follow with the season and year. So, if my core was "blueshoes" my password right now would be "blueshoesfall2010". You could also use the month abbreviation or number if you need a monthly change of password.

passwords

Well I havent seen anyone mention this...I email them to myself....made a folder in my email that says "keep" and they are all in there. Honestly alot of them I have memorized but for websites i dont frequent often, this is helpful

"Meddle not in the affairs of dragons for you are crunchy and good with ketchup"