Updated Sep. 23, 2019. Originally posted Jul. 30, 2013.
If you’re just stumbling across this, please click here for the other posts in the series.
Passwords Are Everywhere
It seems we have passwords for everything anymore. Not only do we have passwords for offline things (like our debit cards and voicemail); now we have cpasswords for everything on the computer: our email, online banking, social media, bulletin boards, favorite stores, and more. It’s not very secure to use the same password for everything, but it sure can make your head spin trying to remember a few hundred different ones!
There are a couple things you can do to make it easier on yourself. One, you can use a system for creating your passwords. And two, you can implement a plan for keeping track of your passwords. Let’s talk about creating passwords for a moment and then we’ll get into the organization of password “storage.”
Creating Secure – but Memorable – Passwords
When I talk about a “system” for creating passwords, what I mean is a particular “template” or “pattern” you follow when creating passwords. Personally, I find this a bit tricky, since every site has different requirements. Some require that you use uppercase and lowercase numbers, a numeral, and a special symbol. Some won’t let you use symbols. The required lengths are different. You get the idea. But some people have great success with this method.
Generally speaking, folks who use this method successfully have a “base” pattern and then a certain part of the site’s name that they add somehow so they know which password to use. For instance, the base password might revolve around a sentence: “Every day I like to eat glazed donuts.” (I don’t really; that was a completely random sentence.) The password would be the first letter of each word: “EdIltegd” – followed by, say, the first letter of the website’s name.
So if I used this method (and sentence), my Google password would be “EdIltegdG” and my Yahoo password would be “EdIltegdY.” The advantage of this method is that it’s easy to remember (You know what your sentence is), but it’s hard to guess (because it’s not a dictionary word, and it has uppercase and lowercase letters built in). There are other methods people use, but this is the general idea. Adapt it as you need to.
Tracking Your Passwords
It’s still a good idea to have your passwords recorded somewhere, even if you remember them pretty easily. What if something happened to you? Would your spouse be able to access your email? Or your bank account?!
Now, you’ll have to decide what is the appropriate balance of security and convenience for you. At the most basic, there are two options for keeping records of your passwords. You can track them on paper or you can track them electronically. I’m a little nervous, myself, of tracking all my passwords in one place on my computer. If someone stole my laptop, they’d then be able to access all of my accounts. Not good. So I would rather have mine on paper, but that might not be the better option for you.
If you are going to keep them on the computer, you will most likely want to use some sort of software that’s designed to keep them secure, like LastPass or 1Password. (You could just put them in EverNote, or a Word document or something, but I wouldn’t recommend this unless you’re writing them down in some cryptic format.)
If you’re going to keep them on paper, you have a variety of options. Unless you work a high-security job or something, it’s likely that you don’t have to be too concerned about how secure your paper password-storage method is, unless you’re keeping it out beside your keyboard (because someone is unlikely to steal your computer and stop to look for your password records to take those, too). So you could use a book designed for that purpose. Or just write them down on a regular piece of paper (that you store someplace you’ll be able to find it!) or in your day planner. Or you could use an address book. (I like the balance of this last option – it has alphabetical sections already divided up, but it doesn’t cost as much as a specialized password book.)
If you go this route, you’ll still need to decide whether you’re going to write down the actual passwords, or just some sort of clue to what they are, or the “formula” for them. If you don’t write down the actual passwords, though, remember to have some way of letting those close to you know how to figure out the “real deal” in case of an emergency.
STEP 1: Decide whether your password records are going to be electronic or paper.
STEP 2: Choose a location/book/software/etc.
STEP 3: Write in all of the passwords you can immediately think of to record. Then put the record (if it’s physical) where you’ll be able to use it going forward.
How do you create/store your passwords?
If you’re just stumbling across this, please click here for the other posts in the series.
This article reports interesting research on passwords: http://www.datagenetics.com/blog/september32012/.
I use a system that relies on info about family members and friends. I keep in a notebook clues that I can use to remind myself of the info used for each password. Your article points out a weakness of my system: if I was gone, no one could find or figure out my passwords.
It’s really hard to balance all of those elements, isn’t it? I know I rely on relatively simpler passwords for less “secure” information, because they’re easier to remember, and save the *really* cryptic passwords for when I really need the security (like bank accounts, etc.).
Can you put an explanation of your underlying system someplace it would be found by someone going through your papers if you were gone? (I don’t know if it works that way or not.)