Monday, February 18, 2013

Password Vault- Yes you need one!

Where do you keep your passwords?
On a post-it note next to your monitor? Or on the bottom of your middle desk drawer? Or in your wallet?

How many different passwords do you have? Do they have words in them (like rose or flower)? Do they have numbers in them?

Do you know what a secure password is?

Passwords are a necessary way of keeping our accounts secure and yet they are the most insecure way to keep those accounts secure. They are the easiest to break or convince people to give up. Yet they are the handiest way to access your accounts from everywhere. So how do you protect yourself? Have a secure password.


What is a secure password? A password is considered strong when it contains 15 characters including at least 2 lowercase letters, 2 uppercase letters, 2 numbers and 2 other characters (like * or &) plus has no recognizable words or keyboard patterns. So something that looks like this:

zB4%mY0z8>jJkQw

Pretty easy to remember? Yes? No? You don't think so? Well this is a pretty secure password that hackers would have a hard time cracking.

Passwords need to be strong to avoid letting hackers guess them. And hackers don't sit around and say to themselves, "Hmmm, I wonder if Cathie uses her dog's name as a password. A lot of people name their dog Chance. I wonder if her dog's name is Chance. I bet she doesn't even capitalize it." No, they use simple and/or sophisticated programs that do the guessing for them.

So that password up there, the one not easily guessed, once it's memorized you can use it on all your accounts--right? NO! No, no no. What happens if someone gets a hold of the Netflix account files. (Netflix is not careless with their data, I am just using them as an example.) Not a traumatic thing in the long run, after all, is it going to bring down the nation knowing you like the movie Big? Probably not. But the bad guys take your email address and password and go to places like the banks and try them out there. This is why you need different passwords for all your accounts.

So do we make a spreadsheet with all the accounts and passwords so we can keep track of them? And name it 'passwords'? Save it on our desktops? Yeah...no. But is keeping all your passwords in one place a good idea? Oh yes!! But let's put them in a password vault.

A password vault is a program that stores and organizes your passwords for you. It makes it easy to access the places you need to go as most vaults allow you to drag and drop your username and password to the login fields. Most vaults also create passwords for you. The vault keeps all the passwords locked down under one main password. This one, and the one to log onto your computer, is the one to remember.

But that password up there? How can you possibly remember something like that? Let's look at Cathie again. Her dog's name is Chance. And he was the second pet named Chance. She decided on the name Chance by saying 'eenie meenie minie moe catch a tiger by the toe'. So a perfect password would be:

caTbtt(hAnc3#2

What? you say! How is that perfect? Well, we use the first letters for 'catch a Tiger by the toe (eenie meenie minie moe uses too many repeated letters), use a left parathesis for the C in Chance, then capitalize the A, use a 3 for a backward e, and #2 for second pet.

So one tough password that is easy to remember. And although that hacker may know Cathie's dog's name, and the alternate characters to use for letters, he can't know the name AND that Chance was the second pet AND how she chose his name.

There are a lot of password vaults out there. Some cost, some are free. My recommendation? I use KeePass which is free. It is stored on your computer and you can put it on a flash drive. There are others, I have looked into but have not tried. LastPass**** is a password vault that is stored in the 'cloud' so you can get to it from any device. It's free too. Keeper is for mobile, found on Google apps and there are links to others. Your anti-virus program may have a form of a password manager. I know that avast! does, I just don't use it. Do a little research.

Here are some other blogs discussing the need for password vaults: ZD Net's A password vault is as mandatory as anti-virus, Lifehacker's Which Password Manager is the Most Secure?, and ITS Technology Tips' Password Vaults: Keep your Passwords Safe!.

1 comment:

  1. Ok great now I have to change all my passwords ! Bahhaha

    ReplyDelete