If a single master password program is not ideal for you, then consider ‘best practices’ for establishing a password. This column has discussed ‘best practices’ before, but it’s a topic that certainly bears repeating:
-Don’t use the same password for all of your accounts. Consider this: If you forget a password for a particular account, will the password be emailed to you if you request it? Assuming that particular emailed password is used for multiple accounts, what happens if your email is hacked? The hacker now has access to multiple accounts.
-Use the hardest passwords for your most important accounts, including your bank account or credit card.
-Don’t use an actual word that can be found in the dictionary. Hackers can often gain clues to your password simply by looking at your Facebook page. If your Facebook page announces that you are a huge Indianapolis Colts fan, it is not advisable to reference the Colts in your passwords.
-Consider using a passphrase, but in an abbreviated form. Determine a sentence, and use only the first letter or two of each word to create a passphrase.
-Incorporate symbols, numbers and capital letters in your passphrase. If possible, use symbols in place of numbers (i.e. use a “!” in place of using “1”).
In keeping with the points above, taking a security phrase like “Greensburg Pirates 3A State Basketball Champs 2013” could be translated to “GP3@sbc2T!3. “There are no true words in the phrase, there is a mix of capital and lower-case letters, and both numerals and symbols are included.
Yes, maintaining strong passphrases is a hassle. Yes, it is a little work. But in the end changing your passwords to indecipherable gibberish, and doing so regularly, may save even bigger headaches down the road.