Password Philosophy

As you have no doubt heard, some Russian hackers are collecting passwords.  What they plan to do with them is still unknown.  It is recommended that you keep an eye on your accounts and start changing your passwords.

I frequently get asked about password management.  “Can I use the same password for everything?”  “How do I keep track of them all?”  “Is any online account safe?”  Due to this, I have developed a 3 password philosophy.

Side Note: My personal style is to memorize everything.  I have a strange ability to remember my hundreds of usernames and passwords; I attribute it to not having to memorize phone numbers.  I hope I never end up in jail, because I barely remember my own phone number.  I understand memorization is not reasonable or realistic for most people.

1.  Bank/financials –  password should be memorized, unique, strong and changed frequently. If you have multiple financial institutions, then each one should be memorized, unique and changed frequently.

2. Email – password should be memorized, unique, strong and changed frequently. If you have multiple emails, then the one that is your master email is the most important and this should be applied to only that one.  By master email, I mean the one you use to sign up other accounts with, use for buying stuff online etc.  This is important to protect, because many of your other accounts are tied to your email.  If you change your password on one of your social media accounts, you will be sent an email, where you then click on a link to reset the password.  This process is true of many accounts.  You will also be notified of activity on many of your accounts through email.

3.  Everything else, including your junk email – use a password management system, whether it is online, in your browser, a piece of paper on your desk, an address book, whatever.  Make them the same or different.

For strong passwords, use a combination of lower case, upper case, numbers, symbols and aren’t real words.   Changing your password frequently means every 3-6 months.

Are passwords safe?  They are as safe as the lock on your front door or car door.  They keep honest people honest, but if someone really wants in, they will figure it out.  Financial institutions and email companies have an interest in keeping passwords from getting in to the wrong hands.  However bigger companies have more resources to use to protect accounts.

When buying online, if there is any doubt try using a big, established company to pay for products on line.  For example PayPal, Etsy, Ebay and Amazon allow you to buy from smaller companies and the money is funneled through the big companies, which keeps your credit cards a bit safer.  This is nice, because you can support small businesses and protect  yourself.

There are weaknesses in every system.  This is something I have developed to ease the burden of trying to memorize all the passwords.  Use common sense and use what works for you.