Easing Password PainJune 30, 2016
Does keeping track of your passwords make your head hurt? If so, you’re not alone. Surveys find that the average user has anywhere from 6 to 130 passwords across work, online shopping and bill-paying, social media, and other online accounts. As Wall Street Journal columnist Geoffrey Fowler said recently, “I have more than 150 different logins and counting. I’d have to be Rain Man to memorize that many passwords.” Passwords are a challenge, but fear not: there are solutions that can keep you both safe and sane.
Safety first, so tempting as it is, don’t use your birthday, your mom’s maiden name, or the often ridiculed, yet often used “1234.” A strong password should be at least 8 characters long and include a mix of letters, numbers, and special characters (depending on what the site allows). Use this rule of thumb: don’t use any words that could be figured out from your Facebook page. Also remember that many sites will ask you to update your passwords periodically, and many won’t let you just change one number (for example, “this!zMyp@ss1” can’t become “this!zMyp@ss2”).
The best way to remember passwords is to store them as soon as you create them, and NOT in a spreadsheet on your computer. While you’re at it, store the answers to all those security questions they ask you when you set up a new account. After so many data breaches in the news, businesses and banks are bypassing the easy questions like your mother’s maiden name and going for ones that may not have simple answers. (Maybe your favorite color is turquoise today, but when you set up that account last winter you were in an aubergine mood.) Some sites are getting more sophisticated and asking questions derived from public records or credit reports, such as streets you’ve lived on and banks that you’ve had a loan with in the past.
So how can you store all those passwords safely? The best approach is to use a password manager application that encrypts your passwords, so that, even if someone gets access to them, they can’t read or use them. Most store your passwords in the cloud, so that they are available to you from all your devices.
When you use a password manager, you only have to remember one master password, and the software does the rest. It will recognize web sites and fill in passwords for you, either automatically or on command. (You should share the master password with a trusted friend or family member, just in case someone else ever has to manage your accounts in an emergency.) Most password managers can capture new passwords as you create them, and some allow you to store other information such as wi-fi network passwords, or your address and phone number, so they can auto-fill fields for you in online forms. Some will generate strong passwords for you or run a test on your passwords to determine password strength and duplication.
Password managers typically have yearly fees, and a good one can cost from $12 up to around $39. The Dashlane and LastPass apps received 5-star ratings from PC Magazine. Getting started with a password manager will take a little time, but how much time do you spend now clicking on those “Forgot My Password” buttons and scrambling for answers to the security questions? Remember, safe and sane. As WSJ writer Geoffrey Fowler said, a password manager is “like the memory you wish you had.”