Scott Wright | Technology
You’ve seen this type of post before. You know you need to have more secure passwords, but somehow it never happens. Or maybe you have a secure password, but you use the same password everywhere - very bad idea.
Here are a few options to get you going in the right direction. I hope one of them is something you can start doing right away and, over time, make your online interactions a little more secure.
There are apps out there to help with the process of creating more secure passwords; LastPass and 1Password are two great ones. They both let you create super secure, unique passwords and store them securely on your computer or in the cloud. You create a master password to unlock access to all the stored passwords. Security experts have vouched for the security of both these systems, so I have no hesitation in recommending them. LastPass is web-based; 1Password is run from your device. Both are available for practically every computer or device, and both include browser extensions to make logging in to password-protected sites dead simple. 1Password costs $50, LastPass is free. Both offer mobile versions: 1Password $15, LastPass $12 per year.
My biggest reluctance with both of these is that integration with mobile browsers is poor, and prospects for improvement are not looking good in the short term. The mobile apps allow you to switch to that app from your browser, copy the password to the clipboard, and then paste it into the browser. They also come with built-in browsers that integrate perfectly with the stored passwords, but you give up some of the better native browser enhancements. It’s not yet a great experience.
Make it easy on yourself
The solution I recommend is to come up with a root password, something secure and memorable. It should be 6 - 8 characters long, and contain at least one capital letter, at least one lowercase letter, and at least one digit. I would not use any special characters in this string because too many sites don’t allow them.
- Ltgttc72 - Leave the gun, take the cannoli. From The Godfather, released in 1972.
- JSW95cam - My initials, the year we married, my wife’s initials.
- CoDaSco80 - My high school and graduation year.
I think you get the idea. Try to stay away from dictionary words – this should be a rule of thumb as you create secure passwords.
Now, come up with 2 - 4 numbers or letters from the site or system the password is for. For example, the first two vowels followed by the last 2 consonants, or the last consonant followed by the first vowel. Come up with a rule for when the site name doesn’t contain all the characters for your rule, like maybe use X when a character doesn’t exist.
Putting it all together
Place the string based on the site name either in front of or behind your root password. That is your password for that site. Each site gets a unique password. You only have to remember your root password and your rule. If the site requires a special character (&, @, *, etc.), add it to the end. Always use the same special character. Try without the special character first, and if that doesn’t work, add your special character.
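The scheme above as a short Python sketch (an added example, not the author's code). It assumes the "first two vowels followed by the last 2 consonants" rule, treats "y" as a consonant, and fills a missing character with X at the end of each pair; the function names are hypothetical, and the root is one of the post's sample roots.

```python
import re

VOWELS = set("aeiou")  # assumption: "y" counts as a consonant

def root_ok(root):
    """The post's root rule: 6-8 characters, with at least one capital,
    one lowercase letter and one digit, and no special characters."""
    return bool(
        6 <= len(root) <= 8
        and root.isascii() and root.isalnum()
        and re.search(r"[A-Z]", root)
        and re.search(r"[a-z]", root)
        and re.search(r"[0-9]", root)
    )

def site_tag(site, pad="X"):
    """First two vowels followed by the last two consonants of the site
    name; `pad` stands in for any character the name does not contain."""
    letters = [c for c in site.lower() if c.isascii() and c.isalpha()]
    vowels = [c for c in letters if c in VOWELS]
    consonants = [c for c in letters if c not in VOWELS]
    first_two_vowels = (vowels[:2] + [pad, pad])[:2]
    last_two_consonants = (consonants[-2:] + [pad, pad])[:2]
    return "".join(first_two_vowels + last_two_consonants)

def site_password(root, site, in_front=False, special=""):
    """Join the site string to the root, in front of or behind it, and
    append the one fixed special character only when a site demands it."""
    if not root_ok(root):
        raise ValueError("root does not follow the 6-8 character rule")
    tag = site_tag(site)
    base = tag + root if in_front else root + tag
    return base + special

if __name__ == "__main__":
    root = "Ltgttc72"  # sample root from the post
    for site in ("amazon", "twitter", "bbc"):  # constructed site names
        print(site, site_tag(site), site_password(root, site))
```

Run directly, it prints the site string and resulting password for three constructed site names, including one with no vowels.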
Banking: for banking and other super sensitive sites, you might consider using a different root password or possibly two-factor authentication.
Email: because access to your email account can lead to multiple compromises in short order, please consider setting up two-factor authentication for your email.
You’ll be surprised how quickly you adapt to this process. Your site rule will become second nature in under a week.