One of the first steps in discussing privacy and security in online spaces usually involves your passwords. The challenge is that far too many of us have awful passwords, or terrible systems to handle these passwords.
There are several things we need to assume as we work with digital tools.
- You will be hacked
- You have already been hacked and don't know it
- You will have to change your passwords quickly when you are hacked
- You will most likely have to change passwords often
Changing your passwords frequently is one of the simplest things you can do to protect yourself from digital threats. Now that we have that out of the way, let's consider how to effectively manage the situation. In this post I discuss using a password manager, and two possibilities for creating challenging passwords.
Use a password manager
Password managers are a smart way to keep track of your passwords. A password manager is a giant vault that stores all of your passwords and uses one master password to let you log in. Keep in mind that no system is perfect...even password managers. You have to trust the company controlling your passwords to let you know if they have been hacked.
I use LastPass. I know plenty of other people who use 1Password and KeePass. Each service provides different features that you can review. The benefit of a password manager is that it will often warn you about security breaches of services and recommend that you change your passwords. Password managers will also create meaningless, random passwords using a variety of characters, symbols, and lengths.
How I use LastPass
I install the LastPass Chrome extension, which is automatically synced across all computers that I use. When I sign in to my computer and start up Chrome, a pop-up will ask me to log in to LastPass using my master password. The LastPass Chrome extension also works well on Chromebooks.
I also use two-factor authentication with LastPass. I'll discuss two-factor authentication in another post.
I also install LastPass on my Android phone/tablet as well as my iOS devices (iPad/iPhone).
Create challenging passwords
If you do have to create a password that you'll need to remember, I have a couple tricks to check out.
Use song/movie lyrics
Use a song lyric (or movie line) to create a challenging master password. Keep in mind that you should use this password once, or use it as your master password for a password manager. Pull out the spaces, add a random character or two, and add in some capital letters.
If you want to make it even more challenging, eliminate letters, or swap them out for other characters. Start with a line like:
Living off borrowed time, the clock tick faster.
Eliminate some of the letters and substitute the characters to get something a bit more random.
Create an algorithm
If the song or movie lyrics do not work for you, I recommend using a formula or set of rules for your password system. Once again, this might not be the perfect solution...but it should get you started.
To create your algorithm, identify a base layer of your formula. This could be an important name, birthday, or series of characters. As an example, you might use your dog's name, street you grew up on, and the year of your birth.
This initial sequence would be the base layer of your password system. From there, you would add the name of the product or service you're logging in to somewhere in the sequence. You'll just have to remember the rules of your algorithm.
If you are logging in to Google, your password might look like:
If you are logging in to Facebook, your password might look like:
Develop a system
One of the key takeaways from this is the need to be aware of your passwords and develop a system. One password for everything is not an option. You need to be aware of your passwords, or the system used to manage them. You need to be prepared to change any/all passwords at any moment.