When it comes to computer passwords there are 3 things I’d always recommend…
- Give each site, or piece of software, a different password – never re-use!
- Make your passwords complex
- Never record them in a spreadsheet!
Basically, when I sign up to a site I find out how long and complex they’ll allow a password to be and create it to that limit! Up to 16 characters long, with both upper and lower case and numbers accepted? Fine, then it’s 16 characters of mixed case and numbers. The bigger and more complex, the harder to crack. Short of getting one of the computer forensics degrees, here are some more tips for you.
Many people use browser-based solutions such as LastPass. Apart from the fact that these are restricted to your browser, you are also leaving all your passwords with a single company in “the cloud”. A single security flaw and you could lose them all. Look at Sony’s issues this year as a perfect example!
My solution is secure and isn’t tied to a browser. Its downside is that it’s tied only to computers that I use (which many may also see as an upside!).
The result of this is that wherever I have Dropbox on a PC I can access KeePass and the resulting file. There’s even a version of the software for Android, and I download the latest version of the password file using the Dropbox Android app to access it.
Dropbox, by itself, is not secure. However, because the password file saved onto it is encrypted and secured, even if someone gets hold of it they can’t access the passwords within it. As a result all my bank and other financial passwords, amongst many others, are long, complex and hard to crack – I can afford to make them impossible to remember because I don’t need to. And, although KeePass won’t fill browser fields in automatically, it will generate highly secure passwords for you.
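What generating a password right up to a site's stated limit looks like in practice, as an added example (this is not the password manager's own generator). The `CLASSES` table, the function names and the symbol set are assumptions made for the illustration; the entropy figure shows why 16 mixed-case characters and digits beat a short lowercase password.

```python
import math
import secrets
import string

# Hypothetical description of the character classes a site may accept.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": "!#$%&*+-=?@^_",  # constructed sample set; sites differ
}


def generate(max_length, allowed=("lower", "upper", "digits")):
    """Return a random password of exactly max_length using every allowed class."""
    pools = [CLASSES[name] for name in allowed]
    if max_length < len(pools):
        raise ValueError("length too short to include every allowed class")
    alphabet = "".join(pools)
    while True:
        # Draw each character uniformly with the OS CSPRNG (never `random`),
        # then reject the rare candidate that misses one of the classes.
        candidate = "".join(secrets.choice(alphabet) for _ in range(max_length))
        if all(any(ch in pool for ch in candidate) for pool in pools):
            return candidate


def entropy_bits(length, allowed=("lower", "upper", "digits")):
    """Upper bound on guessing entropy: length * log2(alphabet size)."""
    size = sum(len(CLASSES[name]) for name in allowed)
    return length * math.log2(size)


if __name__ == "__main__":
    # A site that allows 16 characters of mixed case and numbers.
    print(generate(16), round(entropy_bits(16), 1), "bits")
    # For comparison: 8 lowercase letters only.
    print(round(entropy_bits(8, ("lower",)), 1), "bits")
```

Each extra bit doubles the number of guesses an attacker needs, so the gap between the two figures printed is far larger than it looks.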
Do you have an alternative, secure recommendation? Add a comment and let me know!